Familiarity with building and deploying containerised applications in public cloud using CI/CD frameworks and infrastructure automation
Knowledge of cloud networking architecture, cloud operations, security, automation and orchestration
Familiarity with performing security threat modelling and design reviews
Knowledge of security in distributed systems
Familiarity with good security practices with containers and Kubernetes
Experience with languages such as Go, Python, or other modern programming languages
Coding experience in the creation, automation, and integration of security tools
Experience in version control systems such as Git
Experience with designing, developing, and maintaining security in public cloud environments such as AWS and GCP
Strong interpersonal and communication skills to support collaboration with other personnel and teams
Existing experience building and operating distributed systems at scale
Awareness and experience with “well-architected” cloud security frameworks or CSA-CCM
Contributions to the security community (public research, blogging, presentations, etc)
Experience in performing web application penetration testing and security tooling
Experience developing tools and interacting with cloud provider APIs.
We actively hire candidates who demonstrate technical excellence in their field and welcome people of all ages and backgrounds, providing everyone with equal access to professional development. You are encouraged to apply even if your experience doesn't accurately match the job description. We also encourage applications from those with different abilities, including candidates with ADHD, autism, dyslexia or dyspraxia.
Responsibilities
Provide security expertise and mentorship to Thought Machine engineering teams through the stages of planning, design, and testing of new solutions.
Co-develop threat models with engineering teams that identify relevant threats and relevant strategies for mitigation
Design and build cloud native preventative and detective controls that operate at scale
Build and maintain automation to actively audit and assess infrastructure-as-code and in-place infrastructure
Develop (in code) security tooling, contribute to third-party security products, and develop updates for existing tooling that is in use in our environment
Work with cloud engineering and operations teams to develop tooling that maintains our secure operating state in production
Perform security reviews and security testing
Contribute to the overall security strategy, security tooling selection and creation
Operate collaboratively with other Thought Machine teams with trust and influence