Principal IaC Security Engineer

Job Overview :

As a member of the Information Security team, the Principal Cloud Code Security Engineer will be responsible for developing, maturing, and sustaining the Cloud Security program with an emphasis on Infrastructure as Code security.

This position will partner with the Application Security, Cloud Engineering / Operations, and Security Engineering teams to ensure that company private cloud resources are securely deployed through established automated pipelines.

Responsibilities :

Implement and maintain appropriate controls within the CI / CD pipelines used to deploy cloud resources to ensure that resources are securely designed and deployed

Review Infrastructure as Code scripts and code repositories using Terraform to identify potential security issues or noncompliance with coding best practices

Implement and maintain tools to perform automated security scanning / analysis of Infrastructure as Code, containers, and serverless functions

Review security scan results and work with Application Development and Cloud Engineering teams to prioritize remediation efforts, review potential false positives and evaluate potential mitigating factors

Produce and track routine reports / metrics on security vulnerabilities, coding deficiencies, and exposures

Mentor and educate other teams within the organization on secure development and cloud security best practices

Monitor and review CVEs, and industry developments, and provide inputs for continuous improvement

Work with Internal Audit, IT Governance, IT Compliance and other key stakeholder groups on specific projects to ensure compliance with applicable regulatory requirements

Act as an SME in the area of Cloud and Code Security

What are we looking for?

We want strong collaborators who can deliver a world-class client experience . We are looking for people who thrive in a fast-paced environment, are client-focused, team oriented , and are able to execute in a way that encourages creativity and continuous improvement .

Requirements :

8+ years of Cloud experience specifically working with AWS and Azure environments

6+ years of experience specifically working with Infrastructure as Code (Terraform) and helping to secure automated Cloud deployment pipelines

5+ years of experience using Cloud Security and IAC scanning tools including Prisma Code Security or similar tools

5+ years of experience with reviewing and analyzing vulnerabilities, including cloud-related issues, and tracking closure of vulnerabilities

Preferences :

Bachelor’s Degree or equivalent in Information Security, Engineering, or Computer Science.

Experience developing Infrastructure as Code using tooling such as Terraform, Cloud Formation, or HashiCorp

Expert-level knowledge in securing Infrastructure as Code scripts and Cloud resource deployments

Expert-level knowledge of the major Cloud platforms and their associated resources, common cloud misconfigurations / vulnerabilities and how to securely deploy each resource type

Experience working with Cloud Security Posture Management (CSPM) technologies such as Wiz, Prisma, Laceworks, Orca and Compute Security tools such as Twistlock and Aquasec

LI-Hybrid

Pay Range :

$143,100.00 - $238,500.00Actual base salary varies based on factors, including but not limited to, relevant skill, prior experience, education, base salary of internal peers, demonstrated performance, and geographic location.

Additionally, LPL Total Rewards package is highly competitive, designed to support your success at work, at home, and at play such as 401K matching, health benefits, employee stock options, paid time off, volunteer time off, and more.

Your recruiter will be happy to discuss all that LPL has to offer!