The Senior Cloud Security Engineer will be a member of the Information Security & Compliance team. This role will have a highly technical hands-on, analytical, and process-oriented focus. The Sr. Cloud Security Engineer will collaborate with product teams, be responsible for engineering security solutions and operational support across a hybrid cloud environment, ensuring compliance with legal and regulatory requirements, maintaining company information security policies, standards, and industry best practices.
What You’ll Work On
- Responsible for the design and development of innovative security solutions for protecting applications and data deployed into the cloud.
- Develop and sustain the security vision and strategy for all deployments across infrastructure and software, leveraging native and 3rd party products where applicable.
- Improve security reporting, including coordinating vulnerability management, penetration testing, and infrastructure compliance.
- Develop security dashboards providing overall security posture and ensure that deviance from the norm is visible and acted upon appropriately.
- Hands-on responsibility for all of Azure cloud security and enterprise SaaS application security.
- Continuously monitor the effectiveness of security controls through comprehensive assessments across domains such as IAM, secure CI/CD pipeline, Incident Management, Vulnerability Management, and red-teaming exercises.
- Collaborate with the operations team on SOC tools i.e., SIEM, UEBA, NDR, SOAR, defining use cases and ensure full coverage of MITER framework.
- Identify, track, and resolve all security issues and gaps across Azure tenant, cloud infrastructure and functional services across IaaS, PaaS, SaaS, CaaS etc.
- Build, deploy, and manage security tools, automate security controls, processes, and services.
- Evaluate and respond to alerts and events from security tools, finetune security configurations to minimize false positives.
- Develop event response documentation and processes, including diagrams for system environments, cloud operations, and security tools.
- Collaborate with security leadership, engineering, and compliance to execute security strategies and roadmaps.
- Assist other teams in solving security issues in a manner that complies with business requirements and best practices.
- Review company architecture and design through a security lens to provide actionable, timely requirements and recommendations.
- Serve as a subject matter expert for security tools, applications, and processes.
- Develop, enforce, and audit cloud security policy, standards, and procedures.
- Responsible for IT general controls across cloud services.
- Adhere to the Company’s Quality Management System (QMS) as well as domestic and global quality system regulations, standards, and procedures.
- Understand relevant security, privacy and compliance principles and adhere to the regulations, standards, and procedures that are applicable to the Company.
- Ensure other members of the department follow the QMS, regulations, standards, and procedures.
- Perform other work-related duties as assigned.
What You’ll Bring
- Bachelor’s degree in computer science or related field with 8+ years of experience, or equivalent combination of education and experience
- Azure cloud certification is required (i.e., Azure Security Engineer, Azure Administrator)
- 8+ years of hands-on experience working with Azure cloud technologies covering Network, IAM, Application and Data Security domains.
- Other Network & IAM certifications preferred, i.e., CCNP, JNCP, CIAM etc.
- Hands-on experience deploying and customizing all Azure security tools and other third party security tool set.
- Hands-on experience using CI/CD pipelines for change management, automated security configuration and enforcement.
- Hands-on experience with Azure Directory services, PaaS services security, Azure policies and analytics.
- Hands-on experience with IBM QROC (QRadar on Cloud) SIEM, UEBA, NDR, SOAR tools, fully proficient with Areal Query Language (AQL), defining use cases and ensure full coverage of MITER framework.
- Programming experience in a higher-level language such as NodeJS, Ruby, Chef, Puppet, YAML, JSON, and/or Python
- Expert level understanding of API based security and compliance standards, Unix/Linux, Windows operating systems and scripting.
- Good understanding and expertise of tools such as Ansible, Terraform, CI/CD, (Jenkins, Github, etc.) Docker and Kubernetes
- Experience defining cloud security policies and standards.
- Experience with Log management, EventHub and/or correlation systems/ services.
- Ability to write SQL queries and build dashboards and reports.
- Knowledge of modern cloud technology components and deployment patterns
- Strong collaboration and presentation skills
- Strong analytical problem-solving skills.
- Excellent oral, written, verbal and interpersonal communication skills
- High degree of accuracy and attention to detail
- Proficiency with MS Word, Excel, and PowerPoint
- Excellent organizational skills with ability to prioritize assignments while handling various projects simultaneously
Working Conditions
- General office environment. Business travel from 0% - 10%. Potential exposure to blood-borne pathogens. Requires some lifting and moving of up to 25 pounds. The employee is frequently required to stand, walk, sit, and reach with hands and arms, and to use a computer, sitting for extended periods. Specific vision abilities required by this job include the ability to read, close vision, distance vision, color vision, peripheral vision, and depth perception.
- Alameda, CA
- Starting Base Salary is $146,332/year - $217,880/year.
- Individual compensation will vary over time-based on factors such as performance, skill level, competencies, work location and shift.
What We Offer
•A collaborative teamwork environment where learning is constant, and performance is rewarded.
•The opportunity to be part of the team that is revolutionizing the treatment of some of the world’s most devastating diseases.
•A generous benefits package for eligible employees that includes medical, dental, vision, life, AD&D, short and long-term disability insurance, 401(k) with employer match, an employee stock purchase plan, paid parental leave, eleven paid company holidays per year, a minimum of fifteen days of accrued vacation per year, which increases with tenure, and paid sick time in compliance with applicable law(s).
Penumbra, Inc., headquartered in Alameda, California, is a global healthcare company focused on innovative therapies. Penumbra designs, develops, manufactures, and markets novel products and has a broad portfolio that addresses challenging medical conditions in markets with significant unmet need. Penumbra sells its products to hospitals and healthcare providers primarily through its direct sales organization in the United States, most of Europe, Canada, and Australia, and through distributors in select international markets. The Penumbra logo is a trademark of Penumbra, Inc.
Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, age, disability, military or veteran status, or any other characteristic protected by federal, state, or local laws.
If you reside in the State of California, please also refer to Penumbra’s Privacy Notice for California Residents.
For additional information on Penumbra’s commitment to being an equal opportunity employer, please Penumbra’s AAP Policy Statement.
