Senior Security Engineer, Platform Fundamentals

GitHub is changing the way the world builds software, and we want you to help change the way we secure GitHub. We are looking for an experienced Security Engineer to evolve and advance the cloud security posture of GitHub and its ecosystem.

As a Senior Security Engineer, you will work alongside other members of the GitHub Security, IT, and Engineering organizations to help drive technical direction for all things cloud security. Cloud Security Engineers at GitHub are self-starters, able to work autonomously in ambiguous environments, and collaborative natural problem solvers with experience automating and integrating disparate technologies. You should have strong problem-solving skills, excellent communication skills, a deep technical understanding of modern cloud and containerized security threats, the ability to influence people from customers to managers through technical solutions, and the desire to be an integral contributor to securing GitHub systems.

^{Security Operations Responsibilities}

• Collaborate with Engineering teams across GitHub to design, build, and validate secure and scalable architectures in the cloud.
• Provide threat modeling and risk assessment services to characterize the risk and severity posture of various systems and components in the Cloud environment.
• Develop and Deploy security guardrails through reusable patterns using standardized frameworks.
• Implement information security controls and patterns that support risk assessments and the development of secure architectures.
• Collect security-related operational metrics through automation and increase security visibility across the organization; measure the coverage and effectiveness of security tools; transparency over the security state of the Cloud).
• Identify opportunities for process improvement, including developing and implementing internal security tools, tactics, and procedures.
• Provide security-related guidance and documentation.

^{Required Qualifications}

• Several years of working with cloud infrastructure
• Several years experience building or managing Cloud Platforms, Products, or Services (specifically Microsoft Azure)
• Several years experience with Python

^{Preferred Qualifications}

• Extensive experience building security solutions, ideally for cloud services
• Experience with Azure Resources deployment and Azure Policy
• Excellent presentation skills and experience presenting to management
• Experience performing threat modeling and design reviews to assess security implications and requirements for introducing new technologies
• Ability to produce concise and quality technical documentation
• Strong written and verbal communication skills

Location: In this role, you can work remotely from anywhere in the following Canadian provinces: Alberta, British Columbia, Ontario

#LI-Remote