The Enterprise Information Security team at Gordon Food Service is growing!
We are combining two of the most exciting things in technology right now - Cloud and Security - in a brand new role. The Cloud Security Engineer will define, document, and implement infrastructure and application security best practices and standards in the cloud. This position integrates into and works alongside DevOps teams and develops automation tooling, specific to security, to support Continuous Integration and Deployment (CI/CD), enabling software development teams to provide continuous value while maintaining and enhancing application security. Come be part of it!
How you will make an impact:
- Drive introduction and adoption of the Enterprise Information Security (EIS) team processes and disciplines into cloud environments (e.g. Risk Management, Vulnerability Management, Secure Application Development, Secure Environment Configuration, Identity Management, etc.)
- Provide cloud configuration and deployment expertise to Gordon Food Service
- Analyze cloud platform vulnerabilities, providing guidance and management to resolution
- Leads and participates in the evaluation, specification and recommendation of public cloud services.
- Assists with the provisioning and maintaining of on and off premise cloud infrastructures and related software to ensure a secure environment.
- Study, define and implement secure provisioning, configuration and operational aspects of cloud environments
- Write and maintain configuration and deployment solutions (via code) in support of security related CI/CD requirements
- Research and keep abreast of the dynamic threat landscape associated with cloud security, adapting Gordon Food Service protection strategies to proactively cope with emerging threats
- Perform security risk assessments (e.g. risk analysis for new cloud related technologies or tools)
- Perform internal penetration testing against new or modified software solutions
- Coordinate external security assessments (e.g. “grey-box” web application penetration tests)
- Provide cloud architecture guidance with a focus on security related topics to Gordon Food Service software engineers
- Write, maintain and assist with secure coding, configuration standards and best practices for custom software development at Gordon Food Service
- Interface with various teams across the organization in day to day activities
What we need from you:
- 5 or more years of information technology experience (including software engineering, devops and/or system engineering experience)
- Or an equivalent combination of education, training, and experience.
- Experience with public cloud providers such as Google Cloud Platform (GCP), AWS and/or Azure
- Working knowledge of application containerization and container orchestration technologies
- Experience with cloud specific networking technology to provide mesh and least privilege network access
- Experience with software defined networking including routing, bridging, VLANs and switches
- Experience with build tools, configuration management tools, provisioning tools
- Knowledge of languages used in cloud development and configuration
- Experience with automating build and release processes
- Knowledge with Unix/Linux