• The ideal candidate will come from a large enterprise environment focused on IAM strategy for product and infrastructure security
• 5+ years of experience as a full-stack Security Engineer in a cloud-native, micro-service SaaS, PaaS, or IaaS environment
• Strong understanding of AWS IAM best practices, and demonstrated experience in implementing a strong and scalable IAM strategy
• Must have current AWS and Kubernetes (EKS) experience
• Technical stack experience required to be successful in this role:
• AWS Security (GuardDuty, CloudTrail, Secrets Manager, EKS/ECR, IAM family, Config), Vulnerability management (Qualys/Nessus, Twistlock, Snyk), SIEM (SumoLogic or Splunk), Container Security, CI/CD Discipline (Helm, Terraform, Chef, Kubernetes (EKS)), Security Incident Response & Risk Management
• Proficiency in at least one programming language and framework (e.g. Ruby on Rails, Python, Phoenix/Elixir, Java)
• Familiarity with Threat Modeling principles

Desirable

• PagerDuty is seeking a Senior Security Engineer (AWS, IAM) to join our diverse, customer-focused team!
• As a Senior Security Engineer, you will be a key contributor to leading security initiatives around foundational infrastructure supporting the PagerDuty SaaS offerings through architecture reviews, threat modeling sessions, and designing security tool implementations supporting PagerDuty’s security mission
• Since we own and operate what we build, you’ll collaborate closely with engineers across many teams
• You will work closely with our internal development teams to ensure we deliver secure, highly reliable, and scalable solutions to our customers
• This is an exciting opportunity to build lovable security solutions that make developers and customers happy
• Act as technical team lead by providing mentorship designing and scoping implementation of security projects and guiding team members to ensure implementation is completed. Work closely with Product Engineering teams to review service designs (full stack) and provide security-focused recommendations to address potential threats or insecure designs. Provide oversight and mentorship to the Corporate Security team to ensure alignment with CISO mandates
• Mentor and help guide team members to ensure product and business objectives are considered for project implementations
• Work with loosely defined requirements where you exercise your analytical skills to clarify questions, share your approach, and collaborate with the rest of the team to build/test elegant solutions
• Participate in our team’s on-call rotation, triaging and addressing security issues as they arise
• Enable service team security implementations by building security-as-code constructs into infrastructure-as-code (IaC) modules, maintaining hardened configurations in platform components (container images, kubernetes deployments, etc.), and maintaining developer focused documentation to ensure low effort adoption
• Continually improve infrastructure security implementations with consideration for IAM, Network Access, and Security Alerting supporting kubernetes and AWS infrastructure with services operating modern-day a microservice architecture