This role will work closely with development and QA teams to automate and enhance security measures across all stages of the CI/CD pipeline.

Reporting directly to the Lead Cloud Engineer, KitchenConnect, this position is based out of our corporate headquarters in New Port Richey, Florida and may work a hybrid schedule.

KitchenConnect is Welbilt's premier digital platform for a new generation of connected kitchens, harnesses technology and data to optimize operations, improve guest experiences, and enable your business to continually adapt to an ever-changing digital world through the ability to turn patterns into profits.

Major Accountability:

• Design and Implementation
• Management and Optimization
• Security and Compliance
• Continuous Improvements

Key Tasks & Responsibilities:

• Security Automation: Implement security controls and tools within CI/CD pipelines to detect and prevent vulnerabilities early in the software development lifecycle.
• Infrastructure as Code (IaC or IaaC) Security: Ensure security best practices are followed when deploying infrastructure through tools like Terraform, Ansible, and Kubernetes.
• Continuous Monitoring: Develop and maintain automated monitoring and alerting systems for security events, using tools such as Splunk, ELK stack, or Cloud-native services.
• Vulnerability Management: Conduct vulnerability assessments, patch management, and remediation in cloud and on-prem environments.
• Incident Response: Collaborate with cross-functional teams to handle security incidents, investigate root causes, and implement corrective measures.
• Security Policies & Compliance: Assist in maintaining security policies and ensuring compliance with standards like SOC 2 and NIST.
• Collaboration: Work with development and operations teams to integrate security requirements into DevOps workflows, promoting a DevSecOps culture.
• Security Tooling: Evaluate, implement, and maintain security tools such as SAST/DAST, WAFs, container security, and identity management solutions (e.g., OAuth, SAML).
• Cloud Security: Design and implement security measures for cloud platforms (AWS, GCP, Azure) including identity management, encryption, and access control.

Qualifications

Education & Experience:

• Bachelor's degree in Computer science, Cybersecurity, IT Cloud or relevant field; with a minimum of six years of Cloud Infrastructure, DevOps or Cloud Security engineering experience is required.
• Will consider a minimum of 10 years of relevant experience in lieu of degree.
• 4+ years of experience as a Security Engineer with a focus on DevOps practices.
• 4+ years of experience in cloud platforms (AWS, GCP, or Azure) and cloud security best practices.
• Experience with automation tools like Jenkins, GitLab CI, CircleCI, etc.
• 3+ years of experience in containerization and orchestration (Docker, Kubernetes).
• 3+ years of experience in using security tools and practices (SAST, DAST, vulnerability scanners, etc.).
• Experience working with IoT, Digital or Web product management, preferably in a Platform application, is a plus.
• Certifications such as CEH, or AWS Certified Security are a plus.
• Experience with "zero-trust" architecture.
• Experience with IAM tools (Okta, AWS IAM).
• Familiarity with microservices security (e.g., service mesh, API gateways).

Skills & Abilities:

• Excellent problem-solving skills and ability to work in a fast-paced environment.
• Excellent communication and interaction skills at all levels.
• Ability to manage deadlines and complexity.
• Ability to work independently and within a team.
• Exceptional interpersonal skills, problem solving skills and presentation skills.
• Teamwork orientation: ability to work collaboratively with cross-functional teams.
• Ability to demonstrate alignment with Company core values.

Working Conditions:

• This work typically requires extended periods of standing/sitting at a desk in an office environment.
• Must be able to travel up to 5% of the time.