Description

Our client designs, manufactures, and supply the best-in-class commercial food and beverage equipment for the global foodservice market. We empower you to grow with us. We recognize you and reward you. We win together as one team. Bring your passion for excellence to our table.

As Sr Cloud Infrastructure & Security Engineer you will be responsible for integrating security practices within the DevOps lifecycle to ensure the continuous delivery of secure, scalable, and reliable software solutions. This role will work closely with development and QA teams to automate and enhance security measures across all stages of the CI/CD pipeline.

Reporting directly to the Lead Cloud Engineer, this position is based out of our corporate headquarters in New Port Richey, Florida and may work a hybrid schedule.

Major Accountability:

Design and Implementation

Management and Optimization

Security and Compliance

Continuous Improvements

Key Tasks & Responsibilities:

Security Automation: Implement security controls and tools within CI/CD pipelines to detect and prevent vulnerabilities early in the software development lifecycle.

Infrastructure as Code (IaC or IaaC) Security: Ensure security best practices are followed when deploying infrastructure through tools like Terraform, Ansible, and Kubernetes.

Continuous Monitoring: Develop and maintain automated monitoring and alerting systems for security events, using tools such as Splunk, ELK stack, or Cloud-native services.

Vulnerability Management: Conduct vulnerability assessments, patch management, and remediation in cloud and on-prem environments.

Incident Response: Collaborate with cross-functional teams to handle security incidents, investigate root causes, and implement corrective measures.

Security Policies & Compliance: Assist in maintaining security policies and ensuring compliance with standards like SOC 2 and NIST.

Collaboration: Work with development and operations teams to integrate security requirements into DevOps workflows, promoting a DevSecOps culture.

Security Tooling: Evaluate, implement, and maintain security tools such as SAST/DAST, WAFs, container security, and identity management solutions (e.g., OAuth, SAML).

Cloud Security: Design and implement security measures for cloud platforms (AWS, GCP, Azure) including identity management, encryption, and access control.

Qualifications

Education & Experience:

Bachelor's degree in Computer science, Cybersecurity, IT Cloud or relevant field; with a minimum of six years of Cloud Infrastructure, DevOps or Cloud Security engineering experience is required.

Will consider a minimum of 10 years of relevant experience in lieu of degree.

4+ years of experience as a Security Engineer with a focus on DevOps practices.

4+ years of experience in cloud platforms (AWS, GCP, or Azure) and cloud security best practices.

Experience with automation tools like Jenkins, GitLab CI, Circle CI, etc.

3+ years of experience in containerization and orchestration (Docker, Kubernetes).

3+ years of experience in using security tools and practices (SAST, DAST, vulnerability scanners, etc.).

Experience working with IoT, Digital or Web product management, preferably in a Platform application, is a plus.

Certifications such as CEH, or AWS Certified Security are a plus.

Experience with "zero-trust" architecture.

Experience with IAM tools (Okta, AWS IAM).

Familiarity with microservices security (e.g., service mesh, API gateways).

Skills & Abilities:

Excellent problem-solving skills and ability to work in a fast-paced environment.

Excellent communication and interaction skills at all levels.

Ability to manage deadlines and complexity.

Ability to work independently and within a team.

Exceptional interpersonal skills, problem solving skills and presentation skills.

Teamwork orientation: ability to work collaboratively with cross-functional teams.

Ability to demonstrate alignment with Company core values.