Lead AWS DevSecOps Engineer
Remote, USA
Applications have closed
Stitch Fix
Stitch Fix is personal styling for men, women & kids that sends clothing to your door (with free shipping & returns). Get started & find clothes you'll love!ABOUT THE ROLE
Stitch Fix is looking for a Lead Engineer to help build our Zero Trust Network Architecture.
The individual in this role will be part of the Security Operations Team and work closely with the various Security, IT, Engineering teams to build an modern resilient network. In addition, the individual will step in and contribute their technical expertise to our IT and Platform teams. The candidate should have strong experience with deploying and managing networks, VPN (e.g. Zscaler, Netskope) and other similar technologies in a largely AWS environment.
Our team members are given a great deal of autonomy in the pursuit of keeping Stitch Fix secure, and the successful candidate will demonstrate strong communication skills. They should be comfortable and productive, working independently, partnering with a larger, highly distributed engineering team.
We’re looking specifically for folks who are interested in usable security and rely on automation where possible. Stitch Fix is a fast-growing company, and our security program needs to be able to keep pace with that growth while not disrupting innovation.
REQUISITE SKILLS AND EXPERIENCE
Skills we are looking for are broad - building, deploying, and maintaining network security devices and services in an AWS heavy organization. We are open to folks that don’t come from traditional security backgrounds. We are looking for a mix of the following skills, and don’t expect candidates to be experts in all.
REQUIREMENTS- Some experience with AWS cloud networking concepts and technologies such as (Transit Gateway, Security Groups, IPv6, OSI Model, etc.)
- Some experience with DevOps/Infrastructure as Code like Terraform and CloudFormation
- Some experience with various programming languages (preferably Ruby, Python or Golang)
- Written / verbal communication skills - producing technical / architectural documentation and best practice guidance
- Strong partnership and soft skills to influence outside of the Security organization to cooperation and resolution during security events
- Strong experience with Web Gateways, CASB, Firewalls, VPNs, such as (Zscaler ZPA/ZIA, Netskope, etc.)
- Understanding of common logging software (Splunk, SumoLogic, Securonix, Datadog, Elasticsearch or similar)
- Understanding of common adversarial tools and techniques and IOCs (Indicators of Compromise)
- Understanding of security vulnerabilities and performing threat models for a given vulnerability
- Experience performing security risk analysis
ABOUT THE TECHNOLOGY
Technologies we rely on to pursue solutions to business problems include:
- AWS Transit Gateway / Lambda / RDS / ECS / EKS
- Cisco Meraki
- Zscaler ZPA
- HashiCorp Terraform
- Ruby on Rails
- Golang
- Docker
- Python
- Jira
Even if you already have experience with these tools, you'll have the chance to get even better with them. And if you don't already use at least a few of these tools, we will help you learn and become effective with them.
Tags: Automation AWS Cloud DevOps DevSecOps Docker Elasticsearch Firewalls Golang Jira Lambda Network security Python Risk analysis Ruby Splunk Terraform VPN Vulnerabilities
Perks/benefits: Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs