Job Description
The role involves designing, implementing, and managing security infrastructure and controls within AWS and Kubernetes environments, serving as a technical security leader to protect Aurora's cloud-based systems and services.
Key Responsibilities
- Design and implement security infrastructure services such as certificate management, secrets management, and authentication/authorization systems.
- Manage security boundaries, access controls, and enforce least-privilege IAM roles within AWS environment.
- Design and implement network security controls within VPCs, including segmentation, security groups, and private connectivity.
- Develop and maintain security best practices and tooling within AWS and Kubernetes EKS, including admission controllers and runtime security.
- Create systems for continuous security monitoring, reporting, and automated remediation.
- Conduct threat modeling and translate risks into security requirements and controls.
- Perform security design reviews for new systems and features, providing security guidance to engineering teams.
- Develop and maintain security controls using Infrastructure as Code (IaC) tools like Terraform.
- Lead advanced threat modeling exercises and translate risks into security requirements.
- Automate security remediation processes to address systemic vulnerabilities.
Requirements
- A minimum of 7 years of progressive experience in software, platform, or security engineering, with at least 3 years focusing exclusively on public cloud security AWS required.
- Experience in identifying and managing security risk, and the ability to navigate organizational friction to manage these risks.
- Expert-level, hands-on experience securing and operating complex environments in AWS, including expertise with IAM, VPC Networking, Security Hub, Config, GuardDuty, and KMS.
- Proven ability to design and implement security controls for Kubernetes EKS, including strong knowledge of authorization models, admission controllers, and security best practices.
- Expertise in one or more Identity and Access Management (IAM) standards and technologies such as PKI, OAuth2, OIDC, SAML, and commercial solutions like Okta.
- Strong proficiency in at least one modern programming or scripting language such as Python or Go for building security automation, tools, and remediation services.
- Experience writing, reviewing, and scaling infrastructure with Terraform.
- Deep fundamental understanding of enterprise-level network security, operating system security (Linux), and application security principles.
- Experience implementing DevSecOps practices, including integration of security testing (SAST, DAST, SCA) into CI/CD pipelines (e.g., GitLab, Jenkins).
- Familiarity with compliance frameworks such as SOX, SOC 2, ISO 27001.
Benefits & Perks
Base salary range: 220,000 - 300,000 per year
Annual bonus
Equity compensation
Benefits (unspecified)
Ready to Apply?
Join Aurora and make an impact in renewable energy
Stay Updated on Sustainability Jobs
Get the latest renewable energy jobs and career tips delivered to your inbox.
Job Alerts
Get notified about new sustainability jobs
More at Aurora
More jobs at Aurora
Tactical Development Testing Operator - CDL A
Aurora
NEW
Dallas
Full Time
21h
Staff Software Engineer, Continuous Learning
Aurora
San Francisco
Full Time
3d
$189k-303k
Software Engineer, MLDE Labels Platform
Aurora
Seattle
Full Time
3d
$126k-201k
More jobs in Seattle, Washington
Education Market Leader I
Cannon Design
NEW
Seattle
Full Time
21h
$135k-168k
Lead Machine Learning Engineer
Amperity
Seattle
Full Time
6d
$190k-260k
Senior Professional Engineer, Mechanical
TKDA
Seattle
Full Time
Feb 26