Job Information
HashiCorp Security Engineer II, Cloud Security in Ontario, Canada
Security Engineer II - Cloud Security
US - Remote
JR103846
About the Team
HashiCorp’s Cloud Infrastructure & Platform Security team is responsible for the security of HashiCorp’s cloud - both our cloud service provider (AWS, Azure, GCP) environments and our underlying HCP platform (https://www.hashicorp.com/cloud) infrastructure.This is a fully remote team. While prior experience working remotely isn't required, we are looking for team members who perform well given a high level of independence and autonomy.
What you’ll do
This role provides a great opportunity for those who are passionate about advancing our security posture in a multi-cloud estate , those passionate about building scalable software to solve security problems , and, especially, those who are passionate about both.
As a member of the team, you’ll help:
Define insightful metrics to further guide our cloud security posture and progress.
Ensure we have best practices implemented across our multi-cloud environment.
Partner with engineering and other stakeholders to define and drive secure-by-default environments supporting our products and the enterprise.
Develop tooling to drive our cloud security program forward.
What you’ll need (basic qualifications)
You have a broad understanding of the fundamentals of AWS security. It’s a plus if you can explain their policy evaluation logic (https://docs.aws.amazon.com/images/IAM/latest/UserGuide/images/PolicyEvaluationVerticalRCP.png) .
You find topics like Building a Data Perimeter on AWS (https://docs.aws.amazon.com/pdfs/whitepapers/latest/building-a-data-perimeter-on-aws/building-a-data-perimeter-on-aws.pdf#document-revisions) interesting.
You have 3+ years of software development experience (Go and/or Python preferred).
You have experience codifying infrastructure and deployment pipelines (Terraform and GitHub Actions preferred).
You have strong written and verbal communication skills and have experience articulating security risk to stakeholders across an organization.
You are able to seek out opportunities for a high-degree of positive impact and outline paths forward without explicit direction.
You agree with, understand, and consistently display the principles of HashiCorp (https://www.hashicorp.com/our-principles) in your interactions and in your work.
What’s nice to have (preferred qualifications)
You have a broad understanding of the fundamentals of Azure security.
You have experience utilizing Azure Policies (https://learn.microsoft.com/en-us/azure/governance/policy/overview) to enforce security standards across an Azure tenant.
#LI-REMOTE
