Senior Cloud Security Engineer

We are looking for an exceptional security engineer to strategize, design, and guide the implementation of our rapidly expanding security capabilities to secure applications and data in multi- / hybrid-cloud environments.

With superb technical competency in the areas of cloud, application, and data security, and identity and access management, you'll lead and partner with an innovative and passionate team of engineers to create and implement effective, cost-efficient, and low-friction security solutions using cutting-edge technologies.

Apply below after reading through all the details and supporting information regarding this job opportunity.

What You'll Do

• Lead strategic initiatives to mitigate and remediate infrastructure security risk across the organization.
• Implement and instrument security controls and tooling across cloud infrastructure to uplevel the security posture.
• Work on a cloud-native environment leveraging containerized workloads, serverless architecture, and automated CI / CD pipeline to manage Infrastructure-as-a-Service.
• Perform scripting and coding to build security tooling and automate redundant tasks.
• Use Terraform to deploy security baseline controls, perform code reviews, and provide recommendations for improved security.
• Research and advocate new technologies, architectures, and security products that will support security strategies, patterns, and standards, and help address new threat vectors.
• Implement, administer, and instrument network security technology controls like WAF, bot manager, IPS / IDS, DLP, egress and network firewalls across cloud infrastructure.
• Deploy and manage network and endpoint security solutions (e.g., management frameworks, EDR tools).
• Enhance monitoring on user activity and enforce the principle of least privilege for all identities running within the cloud.
• Define, document, and implement security standards, guidelines, and procedures for secure operations in a cloud infrastructure environment.
• Be part of the on-call support for addressing security tickets and serve as a security system SRE on a rotational basis.
• Collaborate with engineering and operations teams toward implementing controls and processes that address identified gaps.
• Identify and remediate security vulnerabilities and incidents.

What We Expect :

• BS or equivalent. Minimum of 6+ years of experience in security engineering.
• Strong understanding of network security technologies, their operation and limitations including : firewalls, network IDS / IPS solutions, network microsegmentation, network access control solutions, IPSec and TLS based VPNs, web application firewalls, and egress controls.
• Experience with building scalable cloud security solutions that are well instrumented.
• Skilled in Python, Go, and programming automation.
• Deep technical expertise on public cloud environments like GCP, AWS, and Azure.
• Effective communication and interpersonal skills to collaborate with stakeholders across the organization and provide guidance on security architecture.
• Experience presenting technical security content to a large group and leadership.

Benefits at Credit Karma Include :

• Medical and dental coverage.
• Retirement plan.
• Commuter benefits.
• Wellness perks.
• Paid time off (vacation, sick, baby bonding, cultural observance, & more).
• Education perks.
• Paid gift week in December.

Pay Transparency Notice :

Credit Karma’s mission of championing financial progress for all starts from within. That’s why we implemented role-based compensation, which ensures people who are in the same role receive the same pay with variations for geographic location only.

It’s all part of a more comprehensive DEI strategy that helps level the playing field. The base salary range for this role is $215,000 - $300,000, plus equity and benefits.

J-18808-Ljbffr