Job Description
The role involves designing, implementing, and managing security infrastructure and controls within AWS and Kubernetes environments, serving as a technical security leader to protect Aurora's cloud-based systems and services.
Key Responsibilities
- Design and implement security infrastructure services such as certificate management, secrets management, and authentication/authorization systems.
- Manage security boundaries, access controls, and enforce least-privilege IAM roles within AWS environment.
- Design and implement network security controls within VPCs, including segmentation, security groups, and private connectivity.
- Develop and maintain security best practices and tooling within AWS and Kubernetes EKS, including admission controllers and runtime security.
- Create systems for continuous security monitoring, reporting, and automated remediation.
- Conduct threat modeling and translate risks into security requirements and controls.
- Perform security design reviews for new systems and features, providing security guidance to engineering teams.
- Develop and maintain security controls using Infrastructure as Code (IaC) tools like Terraform.
- Lead advanced threat modeling exercises and translate risks into security requirements.
- Automate security remediation processes to address systemic vulnerabilities.
Requirements
- A minimum of 7 years of progressive experience in software, platform, or security engineering, with at least 3 years focusing exclusively on public cloud security AWS required.
- Experience in identifying and managing security risk, and the ability to navigate organizational friction to manage these risks.
- Expert-level, hands-on experience securing and operating complex environments in AWS, including expertise with IAM, VPC Networking, Security Hub, Config, GuardDuty, and KMS.
- Proven ability to design and implement security controls for Kubernetes EKS, including strong knowledge of authorization models, admission controllers, and security best practices.
- Expertise in one or more Identity and Access Management (IAM) standards and technologies such as PKI, OAuth2, OIDC, SAML, and commercial solutions like Okta.
- Strong proficiency in at least one modern programming or scripting language such as Python or Go for building security automation, tools, and remediation services.
- Experience writing, reviewing, and scaling infrastructure with Terraform.
- Deep fundamental understanding of enterprise-level network security, operating system security (Linux), and application security principles.
- Experience implementing DevSecOps practices, including integration of security testing (SAST, DAST, SCA) into CI/CD pipelines (e.g., GitLab, Jenkins).
- Familiarity with compliance frameworks such as SOX, SOC 2, ISO 27001.
Benefits & Perks
Base salary range: 220,000 - 300,000 per year
Annual bonus
Equity compensation
Benefits (unspecified)
Ready to Apply?
Join Aurora and make an impact in renewable energy
Stay Updated on Sustainability Jobs
Get the latest renewable energy jobs and career tips delivered to your inbox.
Job Alerts
Get notified about new sustainability jobs
More at Aurora
Jobs in Seattle, Washington
More jobs at Aurora
Data Platform Engineer
Aurora
NEW
Pittsburgh
Full Time
2d
$105k-157k
Security Engineering Technical Lead Manager TLM - Aurora Enterprise Security
Aurora
Seattle
Full Time
3d
$189k-274k
FP A Analyst Procurement Systems
Aurora
Pittsburgh
Full Time
4d
$104k-166k
More jobs in Seattle, Washington
Senior People Business Partner
Omnidian
Seattle
Full Time
Dec 29
Senior People Business Partner
Omnidian
Seattle
Full Time
Dec 30
Director of Data Science
Omnidian
Seattle
Full Time
Nov 21