Staff Security Engineer | Atlan | Remote (India)
Job Description
About the Role
We are currently hiring a passionate and experienced Staff Security Engineer/Architect to join our growing team. You will play a pivotal role in strengthening our overall security posture by implementing robust security controls across our infrastructure, applications, and cloud environments. As a security leader, you will be responsible for developing and executing a comprehensive security strategy aligned with our business goals.
What Will You Do?
- Conduct a thorough security assessment of our current infrastructure, applications, and cloud environments, identifying strengths and areas for improvement.
- Conduct detailed threat modeling and risk assessments to identify, prioritize, and mitigate potential security threats.
- Document the existing security architecture, policies, and procedures.
- Develop and implement a comprehensive security strategy aligned with Atlan’s business goals and industry best practices.
- Establish security metrics and key performance indicators (KPIs) to measure the effectiveness of security controls.
- Design and implement robust security controls across the platform, including network, application, and infrastructure security.
- Integrate security best practices into the CI/CD pipeline to ensure seamless DevSecOps practices (Shift Left, Policy as Code).
- Develop and implement incident response plans, conduct regular drills, and continuously improve security operations through monitoring and ongoing assessments.
- Advocate for security best practices across the organization, fostering a security-first mindset and a culture of security awareness.
- Lead and mentor other team members, promoting continuous learning and improvement in security practices.
- Ensure compliance with relevant security standards and regulations (e.g., PCI DSS, GDPR).
- Prepare for and assist in security audits and certifications.
What Makes You a Match?
- 10+ years of experience leading security initiatives for enterprises in an information security (InfoSec) consultant or architect role.
- Proven experience with implementing DevSecOps principles, including Shift Left and Policy as Code methodologies.
- Experience implementing application security architecture and cloud security architecture.
- In-depth knowledge and experience with Kubernetes (K8s) security is required.
- Experience integrating security practices into the Secure Development Lifecycle.
- Experience with SaaS security or platform security is a strong plus.
- Strong understanding of security threats, vulnerabilities, and risk mitigation strategies.
- Experience with security tools such as CIS Benchmarks and SIEM solutions is preferred.
- Excellent analytical and problem-solving skills.
- Strong communication, collaboration, and interpersonal skills.
- Ability to work independently and as part of a team.
- Passion for security and a commitment to continuous learning.
- CISSP, CISA and/or CKS Certifications strongly preferred.