Cloud and Infrastructure Security Engineer II
Los Angeles, CA
Full Time Mid-level / Intermediate USD 175K - 220K
StubHub
Buy and sell sports tickets, concert tickets, theater tickets and Broadway tickets on StubHub!In order to transform how millions of users explore, interact with, and participate in live events worldwide, StubHub is seeking a Cloud Infrastructure Security Engineer II to design and develop next-generation technologies and complex features. In order to ensure our company's success, our Cloud Infrastructure Security Engineer must demonstrate initiative and enthusiasm for the problems they tackle. StubHub is committed to being a phenomenal and inclusive place to work.
This is a hybrid work opportunity, located out of Los Angeles, CA or New York, NY
About the team:StubHub Cloud & Infrastructure Security Engineering is seeking a committed engineer to enhance our security posture within the cloud and infrastructure domains. The perfect candidate will possess experience in cloud security architecture, network security, and infrastructure automation, as well as a familiarity with container and operating system security.
What You'll Do:
- Assist in the development of secure Cloud Account Architectures, focusing primarily on AWS.
- Design and implement network security strategies that leverage security groups, NACLS, routing domains, and multi-tiered subnet architectures to ensure a defense-in-depth approach.
- Manage critical security logging and monitoring infrastructure for cloud-native and third-party data sources, ensuring their efficient shipping to Data Lakes and integration with visualization platforms.
- Operate and manage Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platforms (CWPP), such as Wiz, Orca, Prisma, and Rapid7 ICS.
- Deploy configurations and infrastructure using Infrastructure as Code (IaC) frameworks, such as Terraform, Cloud Formation, and Pulumi.
- Develop and implement governance strategies for infrastructure deployment that integrate security best practices and enhance developer productivity.
- Write and maintain internal APIs to automate security processes, benefiting infrastructure and developer workflows.
Required Skills and Qualifications:
- Intermediatelevel experience in AWS cloud account architecture.
- Intermediate level knowledge in Network Security, including experience with AWS networking primitives: Security Groups, Network Access Control Lists (NACLS), Subnetting, Routing, and egress traffic filtering mechanisms.
- Intermediate levelproficiency in Identity & Access Management (IAM) Security, including experience with architecting AWS IAM roles & policies using complex conditionals.
- Intermediate level experience deploying and maintaining configurations and infrastructure using Terraform.
- Intermediate level experience with modern CSPM and CWPP tools (e.g., Wiz, Orca, Prisma, or Rapid7).
- Intermediate level experience with Secrets Management Platforms (e.g., AWS KMS, AWS Secrets Manager, Hashicorp Vault).
- Intermediate level experience in building and implementing IaC governance strategies that combine security best practices while enabling developer productivity.
- Intermediate level proficiency in Python or Go, and Bash scripting.
- Intermediate level experience in building & maintaining Web Application Firewalls.
- Intermediate level familiarity with security frameworks (e.g., PCI DSS, CIS, ISO 27001, NIST CSF).
Preferred Skills and Qualifications:
- Intermediate level knowledge of Kubernetes (K8s) Security foundations, including admission controllers, K8s Network Policies, K8s RBAC, and K8s Ingress architectures.
- Intermediate level proficiency in DDoS mitigation techniques using AWS Shield, CDN traffic scrubbing, and origin protection mechanisms.
- Intermediate level proficiency in Azure.
What We Offer:
- Accelerated Growth Environment: Immerse yourself in an environment designed for swift skill and knowledge enhancement, where you have the autonomy to lead experiments and tests on a massive scale.
- Top Tier Compensation Package: Enjoy a rewarding compensation package that includes enticing stock incentives, aligning with our commitment to recognizing and valuing your contributions.
- Flexible Time Off: Embrace a healthy work-life balance with unlimited Flex Time Off, providing you the flexibility to manage your schedule and recharge as needed.
- Comprehensive Benefits Package: Prioritize your well-being with a comprehensive benefits package, featuring 401k, and premium Health, Vision, and Dental Insurance options.
- Team-Building Events: Engage in vibrant team events that foster camaraderie and collaboration, creating an atmosphere where your professional and personal growth are celebrated.
California Job Applicant Privacy Notice found here
About Us StubHub is the world’s leading marketplace to buy and sell tickets to any live event, anywhere. Through StubHub in North America and viagogo, our international platform, we service customers in 195 countries in 33 languages and 49 available currencies. With more than 300 million tickets available annually on our platform to events around the world -- from sports to music, comedy to dance, festivals to theater -- StubHub offers the safest, most convenient way to buy or sell tickets to the most memorable live experiences. Come join our team for a front-row seat to the action.
We are an equal opportunity employer and value diversity on our team. We do not discriminate on the basis of race, color, religion, sex, national origin, gender, sexual orientation, age, disability, veteran status, or any other legally protected status.
Tags: APIs Automation AWS Azure Bash CDN Cloud CSPM DDoS Firewalls Governance IAM ICS ISO 27001 Kubernetes Monitoring Network security NIST PCI DSS Privacy Python Scripting Terraform
Perks/benefits: Career development Competitive pay Equity Flex hours Flex vacation Health care Insurance Parental leave Startup environment Team events Unlimited paid time off
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs