Security Engineer - Cloud Threat Modeling
Overview
We're looking for a Security Engineer - Cloud Threat Modeling. Headquartered in Los Angeles, California, Right Balance provides top-tier technology talent for innovative companies in the US. We’re in the top 50 companies to watch in LA.
Engagement Details
Our client is a global technology consultancy focused on designing and implementing secure, observable cloud architectures embracing everything as Code (EAC) approach, so our clients can focus on their business goals. We can provide strategy, design, implementation, and follow-the-sun support. We also create custom software products when there are missing links in current solutions.
Our areas of expertise are data-intensive cloud applications supported by RDBMS and NoSQL solutions, CI/CD using DevOps and DevSecOps pipelines, total observability from client to application in the cloud, and hybrid architectures.
We are an AWS Advanced Partner and a Datadog Gold Partner. We are proud to share our learnings with the technology community. We believe the difference between something good and something great is attention to detail.
To fortify our cloud-based infrastructures across AWS and Azure platforms, we are looking to hire a Cloud Security Threat Modeling Specialist. This role is essential in ensuring that the organization shifts left and implements security design principles.
Key Responsibilities
- Threat Modeling: Conduct thorough threat modeling for cloud-based components on AWS and Azure. Identifying and mitigating potential security vulnerabilities.
- Terraform Expertise: Develop and manage infrastructure as code using Terraform, adhering to industry best practices.
- CI/CD Pipeline Integrations: Implement and maintain a good security posture within CI/CD pipelines, ensuring automation of security checks.
- Generative AI Skills: Utilize generative AI tools, notably ChatGPT, and the ability to get the most out of the tool using prompt engineering techniques like (RAG, COT, and ReAct)
- Adaptability and Continuous Learning: Demonstrate a strong ability to learn new technologies and concepts rapidly, adapting to evolving cybersecurity trends.
- Research and Development: Proactively research the latest trends in cybersecurity, attending key conferences like AWS re: Invent, KubeCon, etc., and applying insights gained to our security practices.
- Collaboration and Leadership: Collaborate with diverse teams, guiding cloud security and mentoring team members.
- Documentation and Reporting: Create detailed reports and documentation of threat models and security measures for management review.
What’s in it for you
- Learn and evolve your skills using the latest and greatest technology tools in a rapidly growing company.
- Learn from the best people around you. We constantly challenge the status quo and invent new ways of building a great product.
- 100% remote. Work anywhere, whether it is remotely in the comfort of your home, in a shared co-working space, in an RV on the beach, or while being a nomad in another country.
- Work on challenging problems, innovate, and positively impact many people's lives while having fun doing it.
Required Qualifications
- Upper-intermediate to fluent speaking and writing English. Able to have a real-time conversation.
- 5+ years of full-time hands-on Security Engineer experience.
- 3+ years of full-time hands-on Terraform experience.
- 3+ years of full-time hands-on AWS (or Azure, or GCP) experience.
- 2+ years of full-time hands-on Threat Modeling experience.
- Proven experience in threat modeling in cloud environments (AWS, Azure, GCP).
- Proficient in Terraform for infrastructure as code.
- Experience with CI/CD pipelines and security integration.
- Strong knowledge of cloud architecture and technologies.
- Experience with generative AI technologies, especially ChatGPT.
- A quick learner, adaptable to new technologies and trends in cybersecurity.
- Active engagement with the cybersecurity community, keeping abreast of the latest trends, and participating in major conferences.
- Excellent problem-solving, critical thinking, and communication skills.
Nice to haves
- Experience with Threat Modeler or similar threat modeling tools.
- Bachelor’s degree in Computer Science, Information Security, or a related field.
Frequently Asked Questions
What are your typical clients?
The majority of our clients are venture-backed startups at the growth stage. Usually, at this stage, the company already achieved a product-market fit and is looking to expand rapidly. That’s where we bring the best engineering practices, strong architecture, the latest technologies, and consistent processes to help companies scale.
What’s your company size?
The Right Balance team is 60+ engineers going to 100+ by the end of the year. The current client size team is 150+ people. The timing is great to be a part of a small team making meaningful contributions.
What are your core values?
Client First: we only win when our clients win. We treat client challenges as our own.
Ownership: we embrace responsibility, taking on challenges, getting them to completion, and enjoying getting things done.
Quality: we’re passionate about achieving quality outcomes by applying meticulous attention to detail.