Senior Cloud Security Engineer (AWS)
Spark is the Gearbox Software team behind SHiFT, our online services platform that serves millions of users every month across multiple gaming franchises. SHiFT is our one-stop-shop gaming services platform responsible for dozens of features gamers around the world depend on every day, from cross-play to friend presence, citizen science, dedicated server hosting, matchmaking, and much more. Spark is passionate about delivering features for our gaming partners that are relevant, dependable, and secure. We take pride in the stability of our platform and are always looking for ways to take that stability to new levels. Our team is agile with a commitment to seeing features go from desktop to production in minutes, not days.
To further drive our vision of premier stability and rapid feature delivery, we are looking for a Senior Cloud Security Engineer (CSE) to join our team. A successful candidate for this position should be comfortable proposing and engineering scalable security hygiene processes, specifically for AWS ecosystems. As a Senior CSE you will champion designs and lead the implementation of security best practices throughout our cloud. Candidates should have extensive hands-on experience personally engineering cloud and microservice security solutions at scale.
Some Useful Details
- Individual contributor (non-management)
- Mixture of mid-range project planning and hands on engineering
- Mixture of cloud security governance and addressing vulnerabilities in microservice architectures
This position will require you to carry a company-paid mobile device and participate in 24/7 on-call rotations alongside your engineering colleagues. Don't worry though, our on-call experience doesn't suck.
Projects That Might Excite You
- Evaluating, proposing, and deploying baseline security guardrails across dozens of cloud accounts
- Regularly reviewing AWS Trusted Advisor reports, investigating vulnerabilities, and seeing solutions through to completion
- Taking ownership of centralized AWS Security Hub findings and proposing procedures for addressing vulnerabilities
- Analyzing webservices traffic patterns to help inform how to instrument WAF configurations
- Owning security scanning of application vulnerabilities and leading the roadmaps for addressing findings within them
Responsibilities
- Champion the design, implementation, documentation, and maintenance of complex cloud security infrastructure across dozens of cloud accounts
- Be a trusted voice and frequent point of contact for various cloud security related questions from engineers on your team and throughout the organization
- Create and promote a detailed security architectural roadmaps
- Use security expertise to influence approaches to solving strategic business needs
- Understand security trends and promote the direction infrastructure teams should take to align with them
- Effectively communicate security needs and business requirements to department leadership and stakeholders
Desired Skills
- 5+ years of relevant cloud security engineering experience, in both design and implementation of AWS security tooling
- Expert level knowledge with common AWS cloud security technologies, including IAM, KMS, Security Hub, AWS Firewall Manager, Guard Duty, WAFv2, and SCPs.
- Expert level knowledge with security focused topics such as MFA, SSO, TLS, DDoS, and SIEM
- Hands-on experience with IaC at scale, preferably in Terraform
- Experience with IT Security Frameworks such as NIST, ISO27001, etc.
- Any verifiable cloud-focused security certification: AWS Certified Security Specialty, CISSP, CCSP, CCSK, etc.
Gearbox Entertainment believes that all team members should be able to enjoy a work environment free from all forms of discrimination and harassment. We are committed to reflecting the diversity of the world we strive to entertain. As an Equal Opportunity Employer, we provide fair and equal treatment to all team members and applicants. We do not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity or expression, national origin, disability, genetic information, pregnancy or maternity, veteran status, or any other status protected by applicable national, federal, state or local law.