Flex Security Engineer
Vancouver, British Columbia, Canada
Join SADA as a Flex Security Engineer!
As a Flex Security Engineer on the SRE team at SADA, you will reduce customer anxiety of running production workloads in the cloud by implementing and iteratively improving observability, reliability, and security. You will have the opportunity to engage with our customers in a meaningful way by defining, measuring, and improving key business metrics; eliminating toil through automation; inspecting code, design, implementation, and operational procedures; enabling experimentation by helping create a culture of ownership; increase deployment velocity without compromising safety; and winning customer trust through education, skill sharing, and implementing recommendations. Your efforts will accelerate our customers’ cloud adoption journey and we will be with them through the transformation of their applications, infrastructure, and internal processes. You will be part of a new social contract between customers and service providers that demands shared responsibility and accountability: our partnership with our customers will ensure we are working towards a common goal and share a common fate.
This is primarily a customer-facing role. You will also work closely with SADA’s Customer Experience team to execute on their recommendations to our customers, and with Professional Services on large projects that require PMO support. The success of the SRE team will be evaluated by our ability to measure the value of modernization.
Pathway to Success
#MakeThemRave is at the foundation of all our engineering. Our motivation is to provide customers with an exceptional experience in migrating, developing, modernizing, and operationalizing their systems in Google Cloud Platform.
Your success starts by positively impacting the direction of a fast-growing practice with vision and passion. You will be measured bi-yearly by the breadth, magnitude, and quality of your contributions, your ability to estimate accurately, customer feedback at the close of projects, how well you collaborate with your peers, and the consultative polish you bring to customer interactions.
As you continue to execute successfully, we will build a customized development plan together that leads you through the engineering or management growth tracks.
Required Travel - 10% travel to customer sites, conferences, and other related events.
Customer Facing - You will interact with customers on a regular basis, sometimes daily, other times weekly/bi-weekly. Common touchpoints occur when qualifying potential opportunities, at project kickoff, throughout the engagement as progress is communicated, and at project close.
Onboarding/Training - The first several weeks of onboarding are dedicated to learning and will encompass learning materials/assignments and compliance training, as well as meetings with relevant individuals. Details of the timeline are shared closer to the start date.
- Google Cloud Architect Certified or able to complete within the first 45 days of employment.
- Preferred security certification (e.g., CISSP, GIAC, CCSP, etc.)
- 7+ years of expertise in security architecture, cloud security, and application security
- DevSecOps and automation mindset
- Expert level in IT infrastructure security (Linux, Windows, networks, cloud, etc)
- Highly collaborative in a fast-paced team environment with strong written and verbal communication skills
- Experience with designing, implementing, and managing application security threat modeling
- Expertise with vulnerability scanning, container scanning, and SAST/DAST
- Expertise in identity & access management and certificate & key management solutions
- 3+ years in software development using languages like Python, Go, bash, Java, etc
- Proficient in establishment of security standards, policies, and best practice principles and documentation
- Ability to participate in software code refactoring to address application security
- Exposure to full stack development in a cloud environment using CI/CD principals
- Working knowledge in version control such as GitHub, GitLab, Bitbucket, etc
- Experience implementing security in microservices & serverless architecture, and in messaging between services
- Expert in implementing principle of least privilege and separation of duties with ability to architect for defense in depth
- Ability to support security governance and compliance using secure template management, IAM permissions, and configuration drift detection/remediation
- Experience using various tools to automate security in the release pipeline
- Experience implementing application authentication and authorization using SAML, OAuth, OIDC, LDAP, Kerberos
- Experience with tooling used for Security Information and Event Management (SIEM), Endpoint Detection and Response, Managed Detection and Response, or Extended Detection and Response
- Expertise with dependency and library management and supply chain integrity
- Example technologies: Grafeas, SLSA, Black Duck, OpenSCAP, Trend Micro Cloud One, Orca Security, Splunk, Splunk Phantom, Sysdig, Aqua, kube-bench, kube-hunter, trivy, Clair, Check Point, Chef InSpec, GitLab SAST/DAST, Palo Alto Prisma Cloud, Palo Alto Cortex XSOAR, TFLint, ScoutSuite, CoreStack, CloudKnox, Hashicorp Vault, CyberArk, Thyotic, Nessus, Crowdstrike, Okta, Auth0, Active Directory
Candidates with these qualifications will have stronger standing, but they are not absolutely necessary.
- Understanding of Chaos Engineering
- Understanding of PCI, SOC2, GDPR, FEDRAMP, and HIPAA compliance standards
- Expertise in Microsoft Windows administration and security, Active Directory, and Group Policy
- Understanding of cryptocurrency and blockchain technology
Values: We built our core values on themes that internally compel us to deliver our best to our partners, our customers and to each other. Ensuring a diverse and inclusive workplace where we learn from each other is core to SADA’s values. We welcome people of different backgrounds, experiences, abilities, and perspectives. We are an equal opportunity employer.
- Make Them Rave
- Be Data Driven
- Think One Step Ahead
- Drive Purposeful Impact
- Do The Right Thing
Work with the best: SADA has been the largest partner in North America for Google Cloud portfolio of products since 2016 and has been named the 2021, 2020, 2019, and 2018 Google Cloud Global Reseller Partner of the Year. SADA has also been awarded Best Place to Work year after year by the Business Intelligence Group, Inc. Magazine, as well as LA Business Journal!
Benefits: Unlimited PTO, Paid Parental Leave, competitive and attractive compensation, performance-based bonuses, paid holidays, rich medical, dental, vision plans, life, short and long-term disability insurance, 401K/RRSP with match, as well as Google Certified training programs.
Business Performance: SADA has been named to the INC 5000 Fastest-Growing Private Companies list for 15 years in a row garnering Honoree status. CRN has also named SADA on the Top 500 Global Solutions Providers for the past 5 years. The overall culture continues to evolve with engineering at its core: 3200+ projects completed, 4000+ customers served, 10K+ workloads and 30M+ users migrated to the cloud.
* Salary range is an estimate based on our salary survey at salaries.infosec-jobs.com
Tags: Active Directory Application security Automation Bash Bitbucket Black Duck Blockchain CCSP CI/CD CISSP Cloud Compliance DAST DevSecOps FedRAMP Full stack GDPR GIAC GitHub Go Governance HIPAA IAM Java Kerberos LDAP Linux Microservices Nessus Python SAML SAST SIEM SOC 2 Splunk Windows
Other jobs like this
Explore more Cybersecurity career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.
- Open Cyber Security Architect jobs
- Open IT Security Engineer jobs
- Open Head of Information Security jobs
- Open SOC Analyst jobs
- Open Penetration Tester jobs
- Open Information System Security Officer (ISSO) jobs
- Open Information Security Officer jobs
- Open Sr. Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Application Security Engineer/Architect jobs
- Open Senior Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Senior Air Defense/BMD Subject Matter Expert jobs
- Open Senior Infrastructure Security Engineer jobs
- Open Lead Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Staff Security Engineer jobs
- Open Security Consultant jobs
- Open Staff Application Security Engineer jobs
- Open Offensive Security Engineer jobs
- Open Security Researcher jobs
- Open Information Security Specialist jobs
- Open Senior Threat Intelligence Analyst jobs
- Open Cloud Security Automation Specialist jobs
- Open Cloud Security Operations Lead jobs
- Open Vulnerability management-related jobs
- Open Network security-related jobs
- Open GCP-related jobs
- Open Kubernetes-related jobs
- Open Analytics-related jobs
- Open Firewalls-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Clearance-related jobs
- Open DevOps-related jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Governance-related jobs
- Open OWASP-related jobs
- Open Forensics-related jobs
- Open CISM-related jobs
- Open CI/CD-related jobs
- Open DevSecOps-related jobs
- Open IDS-related jobs
- Open CISA-related jobs
- Open SOC 2-related jobs
- Open Encryption-related jobs