Staff Security Engineer
India - Remote
Guidewire SoftwareElevate your P&C insurance with Guidewire's industry-leading software! Streamline workflows, enhance customer experience, and drive growth. Learn more today!
- Proactively partner with teams across the organization (infrastructure, application engineering, data analytics, etc.) to define, promote and implement security best practices that improve the security posture of our infrastructure.
- Working closely with business units, product teams, DevOps engineers and/or SRE's to embed security requirements and controls into DevOps environments and Cloud platforms( AWS and GCP)
- Architecture, configuration, operations, and maintenance of infrastructure, network and supporting software related to the cloud & application infrastructure
- Represent the Security Team in Security and Change Management Review Boards
- Act as a hands-on technical Security SME, handle complex and detailed technical work necessary to establish and maintain secure cloud environments.
- Owning and leading major initiatives and projects geared towards improving security posture; actively contributing to the improvement of the security program
- Guides junior team members in execution and understanding of function related tasks and projects
- Directly contributes towards advancing security domain knowledge across Guidewire through publication and presentations
- Provide on-call support and support Incident Response Team
- Experience with building and operating secure infrastructures with 8-10 years in Information Security (DevSecOps is required).
- Deep understanding and hands on experience of secure product development and engineering practices like threat modeling, secure design principles, secure coding, network security, identity management and authentication, encryption, container and container orchestration (EKS, ECS) security, penetration testing, code analysis, security testing, risk assessment and categorization, security monitoring and incident response to provide consultative guidance to global teams on improving security posture.
- Has a deep understanding of attacker tools, techniques, and processes and an extensive array of defenses/mitigations for them.
- Familiarity with enterprise security controls and security standard methodologies for Windows, Linux, and Mac systems.
- Proficiency in core security concepts, including cloud skills (preferred: AWS and GCP), networking and architecture
- Prior experience working closely with product and DevOps Engineers and/or SRE's on security requirements. Experience with DevOps environments and Cloud security controls is required ( AWS is a must)
- Excellent and effective communication, collaboration and interpersonal skills. Out-of-the-box thinking and ability to work with all levels of staff. Ability to articulate complex security concepts in simple business terms.
- Ability to own and lead major initiatives and projects which also includes ability to collaborate with stakeholders at different levels and geo locations Ability to influence junior engineers within the team and coach them without necessarily having direct reports
- Previous experience and the ability to handle and manage change well within and outside the team
- In-depth knowledge of TCP/IP networking (OSI stack, TCP, SDN, etc.).Experience with CI/CD tools such as TeamCity, CodeBuild, Github Actions, Jenkins etc.
- Experience using a programming language (would be a plus) such as Python or Go for automation
- Experience with infrastructure as code languages such as Terraform or CloudFormation
- Experience with configuration management tools such as Ansible, Salt, Puppet, or Chef
- Experience with Cloud Security services such as IAM, CloudTrail, GuardDuty, Organizations and Service Control Policies, Shield Advanced
Guidewire is the platform P&C insurers trust to engage, innovate, and grow efficiently. We combine digital, core, analytics, and AI to deliver our platform as a cloud service. More than 540+ insurers in 40 countries, from new ventures to the largest and most complex in the world, run on Guidewire.
As a partner to our customers, we continually evolve to enable their success. We are proud of our unparalleled implementation track record with 1600+ successful projects, supported by the largest R&D team and partner ecosystem in the industry. Our Marketplace provides hundreds of applications that accelerate integration, localization, and innovation.
For more information, please visit www.guidewire.com and follow us on Twitter: @Guidewire_PandC.
Guidewire Software Inc. provides equal employment opportunities to all applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. All offers are contingent upon passing a criminal history and other background checks where it's applicable to the position.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Analytics Ansible Automation AWS C CI/CD Cloud Code analysis Data Analytics DevOps DevSecOps Encryption GCP GitHub IAM Incident response Linux Monitoring Network security Pentesting Puppet Python R&D Risk assessment TCP/IP Terraform Windows
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Senior Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Security Operations Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cyber Security Architect jobs
- Open Product Security Engineer jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Principal Security Engineer jobs
- Open Senior Security Architect jobs
- Open IT Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Specialist jobs
- Open Chief Information Security Officer jobs
- Open Ingénieur DevSecops H/F jobs
- Open Security Specialist jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Infosec Risk Manager jobs
- Open Agile-related jobs
- Open Network security-related jobs
- Open C-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open CISM-related jobs
- Open Application security-related jobs
- Open Analytics-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open DevOps-related jobs
- Open CISA-related jobs
- Open Security Clearance-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open Forensics-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open EDR-related jobs