Lead Cloud Security Engineer - Kubernetes

Lead Cloud Security Engineer - Kubernetes

TIAA has an opportunity for a Lead Cloud Security Engineer who has specialized in Kubernetes. The ideal candidate will possess an in-depth understanding of cloud security principles and has experience in securing Kubernetes environments.

This role will plan, implement, upgrade, or monitor security measures for the protection of computer networks and information.

In addition, will Assess system vulnerabilities for security risks and propose and implement risk mitigation strategies.

This position will provide security for cloud-based digital platforms and will play an integral role in protecting our organization's data.

This may involve analyzing existing cloud structures and creating new and enhanced security methods. Furthermore, will serve as part of a larger team dedicated to cloud-based management and security.

Key Responsibilities and Duties

• Design, implement and maintain security controls for Kubernetes-based cloud environments to protect sensitive data and applications.
• Conduct security assessments and audits of Kubernetes clusters to identify and remediate vulnerabilities.
• Develop and implement security policies, procedures, and best practices for Kubernetes deployments.
• Monitor Kubernetes clusters for security incidents and anomalies and respond to security events as needed.
• Collaborate with DevOps and development teams to integrate security into the CI / CD pipeline and automate security processes.
• Stay current with the latest Kubernetes security threats, vulnerabilities, and best practices.

Educational Requirements

University (Degree) Preferred

Work Experience

5+ Years Required; 7+ Years Preferred

Physical Requirements

Physical Requirements : Sedentary Work

Career Level

Qualifications : Required :

Required :

• Minimum of five (5) years of working in an Information Technology role, preferably cybersecurity or cloud security.
• At least 3 years' experience with working with cloud security principles and best practices, with a focus on Kubernetes security.

Possess hands-on experience with Kubernetes deployment, configuration, and management in a large scale or complex environment.

• At least 3 years of direct experience implementing serverless and containerized workload security best practices for Kubernetes clusters, GKE, EKS, AKS platforms.
• At least 3 years of experience assisting customers make decisions to achieve complex security outcomes in at least one major cloud provider (AWS or Azure or Google).
• At least 3 years of programming experience in one of the following languages : Java, C++, or Python.

Preferred :

• Experience building immutable infrastructure-as-code solutions using tools like Terraform, Ansible, Chef, Puppet, Salt, and Packer.
• Experience implementing DevSecOps pipelines for infra, applications, data, providing cloud security guardrails with tools such as Deployment Manager, Terraform, OPA, Versatile scanning tools and other technologies.
• Possess professional security certifications such as GSEC, CEH, CISSP, CCSP, GCP security engineer, AWS Security Engineer.
• Experience conducting GCP, AWS and Azure Security Assessments of large client environments and be able to migrate workloads securely.
• Experience and understanding of security principles across infrastructure platforms, data layers, integration points, and application layers.

Experience leading a variety of commercial security technology implementations.

Experience designing security solutions and implementing standard methodologies to harden Kubernetes in the cloud (e.g.

GKE, EKS, ECS, OpenShift and AKS etc.)

• A "Cloud First" approach that is centered on design principles like infrastructure-as-code, immutable deployments, etc.
• Experience mapping generic corporate security / compliance requirements to a Kubernetes environment, micro segmentation using ISTIO.
• Understand threats in the Kubernetes control and data plane, Supply chain security, tools and technology used for preventing and detecting container vulns.
• Experience partnering closely with business units / engineering teams to facilitate Kubernetes adoption in a secure manner.LI
• Possess effective communication and documentation skills, especially when collaborating with audiences who may not have a security background.

LI-VR1

Related Skills

Application Programming Interface (API) Development / Integration, Automation, Communication, Consultative Communication, Containerization, DevOps, Enterprise Application Integration, Group Problem Solving, Influence, Organizational Savviness, Prototyping, Relationship Management, Scalability / Reliability, Software Development Life Cycle, Systems Design / Analysis

Anticipated Posting End Date :

2024-07-20

Base Pay Range : $119,600 / yr. - $183,800 / yr.

Actual base salary may vary based upon, but not limited to, relevant experience, time in role, base salary of internal peers, prior performance, business sector, and geographic location.

In addition to base salary, the competitive compensation package may include, depending on the role, participation in an incentive program linked to performance (for example, annual discretionary incentive programs, non-annual sales incentive plans, or other non-annual incentive plans).

Company Overview

TIAA is the leading provider of financial services in the academic, research, medical, cultural and government fields. We offer a wide range of financial solutions, including investing, banking, advice and education, and retirement services.

Benefits and Total Rewards

The organization is committed to making financial well-being possible for its clients, and is equally committed to the well-being of our associates.

That's why we offer a comprehensive Total Rewards package designed to make a positive difference in the lives of our associates and their loved ones.

Our benefits include a superior retirement program and highly competitive health, wellness and work life offerings that can help you achieve and maintain your best possible physical, emotional and financial well-being.

To learn more about your benefits, please review our Benefits Summary.

Equal Opportunity

We are an Equal Opportunity / Affirmative Action Employer. We consider all qualified applicants for employment regardless of age, race, color, national origin, sex, religion, veteran status, disability, sexual orientation, gender identity, or any other protected status.

Read more about the Equal Opportunity Law here.

Accessibility Support

TIAA offers support for those who need assistance with our online application process to provide an equal employment opportunity to all job seekers, including individuals with disabilities.

If you are a U.S. applicant and desire a reasonable accommodation to complete a job application please use one of the below options to contact our accessibility support team :

Privacy Notices

For Applicants of TIAA, Nuveen and Affiliates residing in US (other than California), click here.

For Applicants of TIAA, Nuveen and Affiliates residing in California, please click here.

For Applicants of Nuveen residing in Europe and APAC, please click here.