Responsibilities
- Securely deploy and maintain infrastructure across diverse multi-cloud environments (AWS, Azure, GCP, OCI), establishing robust cloud-specific guardrails to prevent insecure deployments and configurations.
- Implement and enforce security best practices and policies specifically tailored for cloud-native Kubernetes clusters, including granular Role-Based Access Control (RBAC), network policies, and admission controllers.
- Develop, implement, and enforce robust security policies and procedures specifically related to user authentication and authorization across all systems.
- Manage user identities (traditional Active Directory, email platforms, cloud solutions) and rigorously enforce the principle of least privilege at the cloud, cloud service, and container levels.
- Ensure the security of container images, registries, and runtime environments through the effective use of tools like Docker, Podman, and various container scanning solutions.
- Manage infrastructure and security policies through version-controlled Git repositories using tools such as Terraform, CloudFormation, or AWS CDK to ensure consistent, auditable, and secure deployments.
- Maintain CSPM tools such as Wiz to continuously detect and remediate misconfigurations and compliance drift across the cloud footprint.
- Automate compliance checks and generate necessary evidence for audits across the multi-cloud environment, streamlining regulatory adherence.
- Monitor and protect running applications and containers from threats during their operational lifecycle.
Requirements
- 5+ years of industry experience in software engineering or security engineering, with a focus on designing and building secure, production-grade cloud systems.
- Extensive, demonstrable experience with Kubernetes from a security perspective (e.g., securing containerized workloads, enforcing RBAC, and cloud-native secret management).
- Experience implementing AI to rapidly identify, validate, and remediate security issues without impact.
- Deep operational security experience with AWS (mandatory); practical experience deploying and securing infrastructure across Azure, GCP, or OCI is highly preferred.
- Proficiency in Infrastructure-as-Code (IaC) tools such as Terraform, CloudFormation, or AWS CDK to deploy and manage environments.
- Hands-on expertise in configuring, monitoring, and driving remediation through Cloud Security Posture Management (CSPM) platforms like Wiz.
- A strong background in designing and enforcing complex Identity & Access Management (IAM) and least-privilege architectures across both multi-cloud and traditional on-premises directory environments.
- Experience working with container security, image scanning, and runtime protection tools.
Nice to Have
- Advanced industry certifications related to cloud and container security (e.g., AWS Certified Security – Specialty, Certified Kubernetes Security Specialist (CKS), Certified Kubernetes Administrator (CKA)).
- Strong proficiency in programming or scripting languages commonly used for security automation and backend development (e.g., Go/Golang, Python, or C++).
- Prior experience automating compliance frameworks and generating audit evidence across a multi-cloud footprint.
- Experience securing and operating in air-gapped or highly constrained on-premises computing environments.
Work Arrangement
On-site: Sunnyvale, California; Washington, D.C.; San Diego; Ft. Walton Beach, Florida; Ann Arbor, Michigan; London; Stuttgart; Munich; Stockholm; Bangalore; Seoul; Tokyo
Additional Information
- We are an in-office company, and our expectation is that employees primarily work from their Applied Intuition office 5 days a week.
- Occasional remote work may be allowed, including starting the day with morning meetings from home before heading to the office, or leaving earlier when needed to accommodate family commitments.
- Applied Intuition is an equal opportunity employer and federal contractor or subcontractor.
- The company complies with 41 CFR 60-1.4(a), 41 CFR 60-300.5(a), and 41 CFR 60-741.5(a), which prohibit discrimination and require affirmative action in employment.
- Compensation includes base salary, equity, and benefits such as health, dental, vision, life and disability insurance, 401(k) with employer match, learning and wellness stipends, and paid time off.
- The base salary range reflects the minimum and maximum intended target for new hires; the actual offer depends on experience, credentials, education, skills, interview performance, and position level.
- Benefits are subject to change and may vary based on jurisdiction of employment.