Cloud Security Engineer

Krakow, Lesser Poland, Poland

Ocado Technology logo
Ocado Technology
Apply now Apply later

Posted 3 weeks ago

Job Purpose

 

Cloud Security Engineer will be a member of GCP Cloud services team. The team's role is to convert Google Cloud Platform offering into enterprise level, secure, auditable and scalable solution that is easy to use by other engineering teams in Ocado. As a Security Engineer you’ll target the security aspect of this team’s mission, but you’ll not be on your own -  you’ll work closely with team members as well as other engineering teams on designing frictionless platform finding the right balance between expected security comfort and developers autonomy. You will collaborate with Infosec, Appsec and Internal Audit teams to build alignment on Ocado security strategy as well as on ongoing SOC2 attestation. As a subject matter expert you’ll try to build cloud security awareness among engineers and inspire them to be proactive. 

 

The role involves working across a wide range of technologies and business applications in a very technical and dynamic environment. It requires great communication, a desire to learn but most importantly, a real passion for security.

 

Roles & Responsibilities

  • Help building cloud security awareness among engineers
  • Work closely with software developers on designing secure GCP solutions 
  • Maintain and update existing thread models and risk registries
  • Conduct security risk assessments
  • Work on addressing top priority cloud security risks
  • Design and implement central controls to enforce critical security policies
  • Perform security audits on dynamically evolving infrastructure 
  • Evaluate latest security features offered by our cloud providers and create adoption plans
  • Develop tools and policies to help detect security vulnerabilities
  • Investigate security alerts and respond to security incidents
  • Participate in incident response calls and security post mortems in GCP area
  • Help integrate logging pipelines with central SIEM system
  • Help creating new policies and documenting it 
  • Provide guidance to other teams regarding best cloud security practices
  • Keep up to date with the current security and threat landscape

We’d like to hear from you if you have

  • Passion to security
  • Strong interest in cloud computing
  • A desire to leave your comfort zone and broaden your skills 
  • A degree in Information Security, Computer Science or equivalent experience
  • A broad technical background covering operating systems, networks, cloud and software development
  • Some programming experience in either Python or Java 
  • Detailed knowledge of at least one of the following operating systems: Linux, Windows or Mac OS
  • Knowledge of common security vulnerabilities and the technical knowledge to assess their severity and impact
  • Good understanding of security principles (least privilege, separation of duties, CIA triad etc) and how they apply to real world scenarios
  • Good understanding of the security community, toolsets and knowledge sources
  • Excellent verbal and written communication skills and able to build relationships across multiple teams with disparate skills
  • A focus on detail with a desire to provide 100% solutions and answers
  • Proactive approach, able to work on multiple parallel activities in a fast-paced environment and adapt quickly to changing priorities

Bonus points for

  • Experience with implementing and managing the lifecycle of enterprise-scale security tools and services.
  • Experience with configuring Google Cloud Platform or AWS to security best practices.
  • Secure SDLC Principles and Practices

 

Job tags: Audits AWS CIA Google Incident response Java Linux Python SIEM Strategy Vulnerabilities Windows