Full-Time

Sr Cloud Security Engineer

Confirmed live in the last 24 hours

Penumbra Inc

1,001-5,000 employees

Develops healthcare technologies for vascular conditions

Hardware

Compensation Overview

$146,332 - $217,880Annually

+ Bonus + Equity + Relocation Assistance

Senior

Alameda, CA, USA

Required Skills

Kubernetes

Microsoft Azure

Python

Management

Git

SQL

Terraform

Ansible

Linux/Unix

Data Analysis

Requirements

Bachelor's degree in computer science or related field with 8+ years of experience, or equivalent combination of education and experience
Azure cloud certification is required (i.e., Azure Security Engineer, Azure Administrator)
8+ years of hands-on experience working with Azure cloud technologies covering Network, IAM, Application and Data Security domains
Other Network & IAM certifications preferred, i.e., CCNP, JNCP, CIAM etc.
Hands-on experience deploying and customizing all Azure security tools and other third party security tool set
Hands-on experience using CI/CD pipelines for change management, automated security configuration and enforcement
Hands-on experience with Azure Directory services, PaaS services security, Azure policies and analytics
Hands-on experience with IBM QROC (QRadar on Cloud) SIEM, UEBA, NDR, SOAR tools, fully proficient with Areal Query Language (AQL), defining use cases and ensure full coverage of MITER framework
Programming experience in a higher-level language such as NodeJS, Ruby, Chef, Puppet, YAML, JSON, and/or Python
Expert level understanding of API based security and compliance standards, Unix/Linux, Windows operating systems and scripting
Good understanding and expertise of tools such as Ansible, Terraform, CI/CD, (Jenkins, Github, etc.) Docker and Kubernetes
Experience defining cloud security policies and standards
Experience with Log management, EventHub and/or correlation systems/ services
Ability to write SQL queries and build dashboards and reports
Knowledge of modern cloud technology components and deployment patterns

Responsibilities

Responsible for the design and development of innovative security solutions for protecting applications and data deployed into the cloud
Improve security reporting, including coordinating vulnerability management, penetration testing, and infrastructure compliance
Develop security dashboards providing overall security posture and ensure that deviance from the norm is visible and acted upon appropriately
Hands-on responsibility for all of Azure cloud security and enterprise SaaS application security
Continuously monitor the effectiveness of security controls through comprehensive assessments across domains such as IAM, secure CI/CD pipeline, Incident Management, Vulnerability Management, and red-teaming exercises
Collaborate with the operations team on SOC tools i.e., SIEM, UEBA, NDR, SOAR, defining use cases and ensure full coverage of MITER framework
Identify, track, and resolve all security issues and gaps across Azure tenant, cloud infrastructure and functional services across IaaS, PaaS, SaaS, CaaS etc.
Build, deploy, and manage security tools, automate security controls, processes, and services
Evaluate and respond to alerts and events from security tools, finetune security configurations to minimize false positives
Develop event response documentation and processes, including diagrams for system environments, cloud operations, and security tools
Collaborate with security leadership, engineering, and compliance to execute security strategies and roadmaps
Assist other teams in solving security issues in a manner that complies with business requirements and best practices
Review company architecture and design through a security lens to provide actionable, timely requirements and recommendations
Serve as a subject matter expert for security tools, applications, and processes
Develop, enforce, and audit cloud security policy, standards, and procedures
Responsible for IT general controls across cloud services
Adhere to the Company’s Quality Management System (QMS) as well as domestic and global quality system regulations, standards, and procedures
Understand relevant security, privacy and compliance principles and adhere to the regulations, standards, and procedures that are applicable to the Company
Ensure other members of the department follow the QMS, regulations, standards, and procedures

The Senior Cloud Security Engineer will be a member of the Information Security & Compliance team. This role will have a highly technical hands-on, analytical, and process-oriented focus. The Sr. Cloud Security Engineer will collaborate with product teams, be responsible for engineering security solutions and operational support across a hybrid cloud environment, ensuring compliance with legal and regulatory requirements, maintaining company information security policies, standards, and industry best practices.

What You’ll Work On

Responsible for the design and development of innovative security solutions for protecting applications and data deployed into the cloud.
Develop and sustain the security vision and strategy for all deployments across infrastructure and software, leveraging native and 3rd party products where applicable.
Improve security reporting, including coordinating vulnerability management, penetration testing, and infrastructure compliance.
Develop security dashboards providing overall security posture and ensure that deviance from the norm is visible and acted upon appropriately.
Hands-on responsibility for all of Azure cloud security and enterprise SaaS application security.
Continuously monitor the effectiveness of security controls through comprehensive assessments across domains such as IAM, secure CI/CD pipeline, Incident Management, Vulnerability Management, and red-teaming exercises.
Collaborate with the operations team on SOC tools i.e., SIEM, UEBA, NDR, SOAR, defining use cases and ensure full coverage of MITER framework.
Identify, track, and resolve all security issues and gaps across Azure tenant, cloud infrastructure and functional services across IaaS, PaaS, SaaS, CaaS etc.
Build, deploy, and manage security tools, automate security controls, processes, and services.
Evaluate and respond to alerts and events from security tools, finetune security configurations to minimize false positives.
Develop event response documentation and processes, including diagrams for system environments, cloud operations, and security tools.
Collaborate with security leadership, engineering, and compliance to execute security strategies and roadmaps.
Assist other teams in solving security issues in a manner that complies with business requirements and best practices.
Review company architecture and design through a security lens to provide actionable, timely requirements and recommendations.
Serve as a subject matter expert for security tools, applications, and processes.
Develop, enforce, and audit cloud security policy, standards, and procedures.
Responsible for IT general controls across cloud services.
Adhere to the Company’s Quality Management System (QMS) as well as domestic and global quality system regulations, standards, and procedures.
Understand relevant security, privacy and compliance principles and adhere to the regulations, standards, and procedures that are applicable to the Company.
Ensure other members of the department follow the QMS, regulations, standards, and procedures.
Perform other work-related duties as assigned.

What You’ll Bring

Bachelor’s degree in computer science or related field with 8+ years of experience, or equivalent combination of education and experience
Azure cloud certification is required (i.e., Azure Security Engineer, Azure Administrator)
8+ years of hands-on experience working with Azure cloud technologies covering Network, IAM, Application and Data Security domains.
Other Network & IAM certifications preferred, i.e., CCNP, JNCP, CIAM etc.
Hands-on experience deploying and customizing all Azure security tools and other third party security tool set.
Hands-on experience using CI/CD pipelines for change management, automated security configuration and enforcement.
Hands-on experience with Azure Directory services, PaaS services security, Azure policies and analytics.
Hands-on experience with IBM QROC (QRadar on Cloud) SIEM, UEBA, NDR, SOAR tools, fully proficient with Areal Query Language (AQL), defining use cases and ensure full coverage of MITER framework.
Programming experience in a higher-level language such as NodeJS, Ruby, Chef, Puppet, YAML, JSON, and/or Python
Expert level understanding of API based security and compliance standards, Unix/Linux, Windows operating systems and scripting.
Good understanding and expertise of tools such as Ansible, Terraform, CI/CD, (Jenkins, Github, etc.) Docker and Kubernetes
Experience defining cloud security policies and standards.
Experience with Log management, EventHub and/or correlation systems/ services.
Ability to write SQL queries and build dashboards and reports.
Knowledge of modern cloud technology components and deployment patterns
Strong collaboration and presentation skills
Strong analytical problem-solving skills.
Excellent oral, written, verbal and interpersonal communication skills
High degree of accuracy and attention to detail
Proficiency with MS Word, Excel, and PowerPoint
Excellent organizational skills with ability to prioritize assignments while handling various projects simultaneously

Working Conditions

General office environment. Business travel from 0% - 10%. Potential exposure to blood-borne pathogens. Requires some lifting and moving of up to 25 pounds. The employee is frequently required to stand, walk, sit, and reach with hands and arms, and to use a computer, sitting for extended periods. Specific vision abilities required by this job include the ability to read, close vision, distance vision, color vision, peripheral vision, and depth perception.

Alameda, CA
Starting Base Salary is $146,332/year - $217,880/year.
Individual compensation will vary over time-based on factors such as performance, skill level, competencies, work location and shift.

What We Offer

•A collaborative teamwork environment where learning is constant, and performance is rewarded.

•The opportunity to be part of the team that is revolutionizing the treatment of some of the world’s most devastating diseases.

•A generous benefits package for eligible employees that includes medical, dental, vision, life, AD&D, short and long-term disability insurance, 401(k) with employer match, an employee stock purchase plan, paid parental leave, eleven paid company holidays per year, a minimum of fifteen days of accrued vacation per year, which increases with tenure, and paid sick time in compliance with applicable law(s).

Penumbra, Inc., headquartered in Alameda, California, is a global healthcare company focused on innovative therapies. Penumbra designs, develops, manufactures, and markets novel products and has a broad portfolio that addresses challenging medical conditions in markets with significant unmet need. Penumbra sells its products to hospitals and healthcare providers primarily through its direct sales organization in the United States, most of Europe, Canada, and Australia, and through distributors in select international markets. The Penumbra logo is a trademark of Penumbra, Inc.

Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, age, disability, military or veteran status, or any other characteristic protected by federal, state, or local laws.

If you reside in the State of California, please also refer to Penumbra’s Privacy Notice for California Residents.

For additional information on Penumbra’s commitment to being an equal opportunity employer, please Penumbra’s AAP Policy Statement.

Penumbra Inc

View

Website

View Company Profile

Penumbra, Inc. excels in pioneering healthcare technologies specifically designed for neuro and peripheral vascular conditions. This involves a focus on stroke revascularization and embolization, with leading products like the REAL Immersive System and ACE Reperfusion Catheters that underline their commitment to top-tier, patient-focused innovations. Their dedication to leveraging cutting-edge technology in medical solutions makes it an outstanding workplace for professionals eager to impact critical care positively and advance in the fast-evolving healthcare sector.

Company Stage

IPO

Total Funding

$3.4M

Headquarters

Alameda, California

Founded

2004

Growth & Insights

Headcount

6 month growth

↑ 5%

1 year growth

↑ 10%

2 year growth

↑ 21%