Job Summary : Guidewire Software is looking for a Senior Infrastructure Security Engineer. The ideal candidate will have specific experience with designing, building and maintaining infrastructure technologies with security in mind.
You would also be the Subject Matter Expert when it comes to providing guidance around security best practices in a predominantly AWS environment.
This role will focus on making sure that Infrastructure (on-prem and cloud) technologies that support Guidewire’s products are up to industry standards of Information Security.
Responsibilities : 1.Partner with teams across the organization (infrastructure, application engineering, data analytics, etc.
to ensure the security, availability and resilience of our infrastructure2.Prior experience working closely with product and DevOps Engineers and / or SRE's on security requirements.
Experience with DevOps environments and AWS security controls is a strong plus3.Architecture, configuration, operations, and maintenance of infrastructure, network and supporting software related to the cloud & application infrastructure4.
Represent the Security Team in Firewall Change Review / CAB meetings5.As a hands-on technical specialist, handle complex and detailed technical work necessary to establish and maintain secure cloud security environments6.
Assist Incident Response Team with SIEM engineering tasks7.Provide back-up on-call support to the Incident Response teamEffective interpersonal skills, out-of-the-box thinking and ability to interface with all levels of staffQualifications : 1.
Experience with building and operating secure infrastructures with 4 - 6 years in Information Security (DevSecOps is a plus).
2.In-depth knowledge of TCP / IP networking (OSI stack, TCP, SDN, etc.).3.Experience with CI / CD tools such as Jenkins, Github Actions, etc.
4.Experience using a programming language (would be a plus) such as python or Go for automation, plus Terraform, Chef, Puppet, Ansible, or CloudFormationExcellent communications and collaboration skills Previous experience and the ability to handle and manage change well within and outside the team 7.
Experience in platform security in at least three of the following domains : secure cloud deployment, application whitelisting, security engineering, incident handling, vulnerability analysis, active adversary threat management, penetration testing, intrusion detection, firewalls, and encryption technologies8.
Familiarity with enterprise security controls and security best practices for Windows, Linux, and Mac systems. Proficiency in core security concepts, including cloud skills (preferred : AWS), networking and architecture