• Location
    • Santa Clara, CA
  • Date Posted
  • Sep. 23, 2021
  • Function
  • IT
  • Sector
  • Data

We are seeking a Senior Security Architect as a foundational member of a cross-functional Information Security team.  The ideal candidate will be self-motivated, an excellent communicator, and have significant experience with container security, penetration testing, staff security training, threat scanning, vulnerability management, data encryption, key management, and strong authentication technologies.   Experience with Linux, Amazon Web Services, Kubernetes, IP Networking, and strict Change Control procedures is also required.  This candidate should be an able coder who is comfortable working in a fast-paced SDLC that includes the infrastructure-as-code model.   The role will work closely with software engineering, quality assurance, customer success, and product management teams to ensure that security and privacy are addressed at every part of the SDLC and throughout the architecture.

Roles and Responsibilities

  • Work alongside Product, Operations, Engineering and QA teams to ensure a secure infrastructure
  • Work with developers to drive security requirements throughout the development process
  • Work with senior management to develop and execute a multi-year security roadmap for several regulatory regions
  • Routinely survey and evaluate available technology options to improve security and privacy monitoring
  • Implement tools, code, and frameworks to automate security scanning, monitoring, and event processing
  • Audit access controls, user rights, and permissions grants continually to ensure adherence to “principle of least privilege”
  • Drive security improvements throughout the organization and service delivery infrastructure
  • Create red team and blue team scheduled exercises
  • Acquire and maintain a thorough working knowledge of the products and services that are live and under development
  • Continually improve the security posture of all SaaS services

Requirements

  • B.S. in Computer Science or equivalent experience.
  • Thoroughly versed in Information Security subjects, philosophies, and techniques
  • Familiarity with compliance program security controls (ISO 27001/SOC 2/HITRUST/FedRAMP) as they apply to cloud hosted SaaS/PaaS/IaaS operations
  • Extensive experience with security service vendors (vulnerability management, detection, and response; malware scanning; data loss prevention; etc.)
  • Experience using source control tools such as Git
  • Extensive scripting (Python, Bash) experience
  • Occasional travel may be required

Clumio provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.