Manager - Cloud Security

Arctic Wolf, with its unicorn valuation, is the leader in security operations in an exciting and fast-growing industry—cybersecurity. We have won countless awards for our excellence in security operations and remain dedicated to providing an industry-leading customer and employee experience.

Our mission is simple: End Cyber Risk. We’re looking for an Manager - Cloud Security to be part of making this happen.  

Overview

A Cloud Security Manager guides, plans, and supports all aspects of development and engineering activities within the team responsible for Protect and Detect for the Arctic Wolf cloud infrastructure. They report into the Senior Director of Product Security. They work closely with R&D and Architecture Leadership, R&D Infrastructure Engineering, Enterprise Security, and service teams to ensure the organization is building whats needed in a timely fashion, and adhering to best security, architectural, and compliance standards. A Manager could have multiple teams and technical leads reporting to them.

In addition to aligning with the R&D development/service organization on feature/product delivery, the Manager works alongside Architecture, Information Security, IT, BizApps, GRC, and R&D Operations teams to:

• Identify infrastructure security risks,

• Respond to infrastructure security findings and incidents,

• Manage cloud security tooling and features to maximize benefit and developer experience.

• Define policies and processes for the organization,

• Support improvement in patching and vulnerability management,

• Select and implement security tooling and integrations across multiple platforms (ex: GitHub, AWS),

• Supporting various business processes such as regular compliance/audit activities, and any other activities that come up related to infrastructure or cloud security across the company.

Scope of Role

Largely focused on our R&D/product environment, Cloud Security is responsible for Access Control, Protect and Detect (tooling, process), and response and operations for cloud/infrastructure security. Cloud Security acts as a consultant for any cloud security related discussions, both inside and outside of R&D (including corporate, non-product, test and development environments).

Generate and support projects as well as operational and tech debt reduction work for the Cloud Security Team. Work with stakeholders, infra managers and product management, and R&D Leadership to define and deliver on the 3 and 6 month roadmap, as well as maintaining a rough 1+ year roadmap.

Communicate security goals and vision through R&D by working with teams, stakeholders, leadership, and their teams. Give and accept feedback on security issues, and drive changes to behaviour, processes, technology that leads to a more secure environment.

Focus on implementing tools, automation, and services that provide a tangible benefit and improvement in our security posture, in usability, and in a more secure product.

The role relies heavily on building and maintaining communication and relationship with stakeholders, peer teams, and user communities

Responsibilities

• Manage team that will deliver high quality, innovative software, infrastructure, and security solutions, in collaboration with stakeholders

• Advocate for the team, team objectives and outcomes, and align with peer team objectives and outcomes

• Manage the full suite of AWS security tools and configuration, including IAM, Security Hub, GuardDuty, as well as managing configuration and monitoring around compliance regimes in AWS

• Support and guide development of new tools, features, automation, and glue with your expertise in one of our common languages (Python, GO)

• Help guide security and compliance process and policies, define and support best practices, and be an advocate security and compliance outcomes in R&D

• Help define then execute on the agreed upon roadmap

• Ensure teams are highly motivated, performing well, and delivering work on time.

• Engage with Project and Product management throughout project lifecycle.

• Make sure each team is clear on the objectives and deliverables, and help provide guidance and direction to keep delivery on track

• Work with Architects to define and execute on the company's technical roadmap. 

• Support cost estimates and budgeting for projects and operational work

• Work with vendors (ex: AWS) on roadmap, features, issues, and building relationships

• Manage and support the people on the Cloud Security team

• Execute administrative responsibilities (vacation, compensation reviews, training)

• Lead recruitment efforts for their team for both regular and co-op employees. 

• Implement, support, and actively demonstrate Arctic Wolf Principles and Cultural Tenets

• Mentor each team member; help them grow their technical and leadership skills by setting goals and tracking progress, managing performance reviews and calibration, and advocating for their path

Technology you may work with while you are here:

• Cloud: GuardDuty, CloudTrail, Security Hub, CloudWatch, CloudFormation, security groups, VPC flow logs, certificate management (ACM), key management (KMS), Athena, EKS, Inspector, WAF, Shield, Lambda and other serverless technology, Terraform, Azure Defender, GCP SCC

• Platforms: Kubernetes, Docker, ECS, ElasticSearch, Kafka

• Programming: Go, Python

• CI/CD: GitHub, Github Actions, Harness

• Observability: Prometheus, Grafana, Alert Manager, CloudWatch

• Business: Jira, Confluence, Workday, o365

About Arctic Wolf 

At Arctic Wolf we’re cultivating a collaborative and productive work environment that welcomes a diversity of backgrounds, cultures, and ideas to make our teams even stronger as we grow globally. We’ve been named one of the 50 Most Innovative Companies in the world for 2022 (Fast Company)—and the 2nd Most Innovative Security Company. This is in addition to consecutive awards from Top Workplace USA (2021, 2022), Best Places to Work - USA (2021, 2022) and Great Place to Work - Canada (2021, 2022). 

Our Values 

Arctic Wolf recognizes that success comes from delighting our customers, so we work together to ensure that happens every day. We believe in diversity and inclusion, and truly value the unique qualities and unique perspectives all employees bring to the organization. And we appreciate that—by protecting people’s and organizations’ sensitive data and seeking to end cyber risk— we get to work in an industry that is fundamental to the greater good. 

We celebrate unique perspectives by creating a platform for all voices to be heard through our Pack Unity program. We encourage all employees to join or create a new alliance. See more about our Pack Unity here.  

We also believe and practice corporate responsibility, and have recently joined the Pledge 1% Movement, ensuring that we continue to give back to our community. We know that through our mission to End Cyber Risk we will continue to engage and give back to our communities. 

All wolves receive compelling compensation and benefits packages, including: 

• Equity for all employees 

• Bonus or commission pay based on role 

• Flexible time off, paid volunteer days and paid parental leave 

• 401k/RRSP match

• Medical, Dental, and Vision insurance 

• Health Savings and Flexible Spending Agreement 

• Voluntary Legal Insurance 

• Training and career development programs 

Arctic Wolf is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, provincial, or local law. Arctic Wolf is committed to fostering a welcoming, accessible, respectful, and inclusive environment ensuring equal access and participation for people with disabilities. As such, we strive to make our entire employee experience as accessible as possible and provide accommodations as required for candidates and employees with disabilities and/or other specific needs where possible. Please let us know if you require any accommodations by emailing recruiting@arcticwolf.com. 

Security Requirements 

• Conducts duties and responsibilities in accordance with AWN’s Information Security policies, standards, processes and controls to protect the confidentiality, integrity and availability of AWN business information (in accordance with our employee handbook and corporate policies).

• Background checks are required for this position.