Sr Cloud Security Engineer
Confirmed live in the last 24 hours
Penumbra Inc

1,001-5,000 employees

Develops, manufactures, and markets medical therapies for unmet needs
Company Overview
Penumbra, Inc. is a global healthcare company that stands out for its commitment to addressing unmet medical needs through the design, development, and marketing of novel products, such as the Penumbra System for the treatment of acute ischemic stroke. The company's culture fosters continuous learning and growth, with a strong emphasis on the value of every team member's ideas. Recognized as one of the fastest-growing companies by Fortune in 2019, Penumbra's industry leadership is evident in its direct sales organization that serves major markets including the United States, Europe, Canada, and Australia.
Hardware

Company Stage

N/A

Total Funding

$3.4M

Founded

2004

Headquarters

Alameda, California

Growth & Insights
Headcount

6 month growth

4%

1 year growth

13%

2 year growth

21%
Locations
Alameda, CA, USA
Experience Level
Entry
Junior
Mid
Senior
Expert
Desired Skills
Kubernetes
Microsoft Azure
Python
Management
Git
SQL
Terraform
Ansible
Linux/Unix
Data Analysis
CategoriesNew
IT & Security
Cybersecurity
Requirements
  • Bachelor's degree in computer science or related field with 8+ years of experience, or equivalent combination of education and experience
  • Azure cloud certification is required (i.e., Azure Security Engineer, Azure Administrator)
  • 8+ years of hands-on experience working with Azure cloud technologies covering Network, IAM, Application and Data Security domains
  • Other Network & IAM certifications preferred, i.e., CCNP, JNCP, CIAM etc.
  • Hands-on experience deploying and customizing all Azure security tools and other third party security tool set
  • Hands-on experience using CI/CD pipelines for change management, automated security configuration and enforcement
  • Hands-on experience with Azure Directory services, PaaS services security, Azure policies and analytics
  • Hands-on experience with IBM QROC (QRadar on Cloud) SIEM, UEBA, NDR, SOAR tools, fully proficient with Areal Query Language (AQL), defining use cases and ensure full coverage of MITER framework
  • Programming experience in a higher-level language such as NodeJS, Ruby, Chef, Puppet, YAML, JSON, and/or Python
  • Expert level understanding of API based security and compliance standards, Unix/Linux, Windows operating systems and scripting
  • Good understanding and expertise of tools such as Ansible, Terraform, CI/CD, (Jenkins, Github, etc.) Docker and Kubernetes
  • Experience defining cloud security policies and standards
  • Experience with Log management, EventHub and/or correlation systems/ services
  • Ability to write SQL queries and build dashboards and reports
  • Knowledge of modern cloud technology components and deployment patterns
Responsibilities
  • Responsible for the design and development of innovative security solutions for protecting applications and data deployed into the cloud
  • Improve security reporting, including coordinating vulnerability management, penetration testing, and infrastructure compliance
  • Develop security dashboards providing overall security posture and ensure that deviance from the norm is visible and acted upon appropriately
  • Hands-on responsibility for all of Azure cloud security and enterprise SaaS application security
  • Continuously monitor the effectiveness of security controls through comprehensive assessments across domains such as IAM, secure CI/CD pipeline, Incident Management, Vulnerability Management, and red-teaming exercises
  • Collaborate with the operations team on SOC tools i.e., SIEM, UEBA, NDR, SOAR, defining use cases and ensure full coverage of MITER framework
  • Identify, track, and resolve all security issues and gaps across Azure tenant, cloud infrastructure and functional services across IaaS, PaaS, SaaS, CaaS etc.
  • Build, deploy, and manage security tools, automate security controls, processes, and services
  • Evaluate and respond to alerts and events from security tools, finetune security configurations to minimize false positives
  • Develop event response documentation and processes, including diagrams for system environments, cloud operations, and security tools
  • Collaborate with security leadership, engineering, and compliance to execute security strategies and roadmaps
  • Assist other teams in solving security issues in a manner that complies with business requirements and best practices
  • Review company architecture and design through a security lens to provide actionable, timely requirements and recommendations
  • Serve as a subject matter expert for security tools, applications, and processes
  • Develop, enforce, and audit cloud security policy, standards, and procedures
  • Responsible for IT general controls across cloud services
  • Adhere to the Company’s Quality Management System (QMS) as well as domestic and global quality system regulations, standards, and procedures
  • Understand relevant security, privacy and compliance principles and adhere to the regulations, standards, and procedures that are applicable to the Company
  • Ensure other members of the department follow the QMS, regulations, standards, and procedures