Sorry, this listing is no longer accepting applications. Don’t worry, we have more awesome opportunities and internships for you.

Cloud Security Leader

C

Canoo

Cloud Security Leader

National
Full Time
Paid
Similar Jobs
  • Responsibilities

    ABOUT CANOO 

    Canoo has developed breakthrough electric vehicles that are reinventing the automotive landscape with bold innovations in design, pioneering technologies, and a unique business model that defies traditional ownership to put customers first. Distinguished by its experienced team – totaling over 500 employees from leading technology and automotive companies – Canoo has designed a modular electric platform purpose-built to deliver maximum vehicle interior space and adaptable to support a wide range of vehicle applications for consumers and businesses. With offices around the country, the company is scaling quickly and seeking candidates who love to challenge themselves, are motivated by autonomy and purpose, and get things done. 

    JOB PURPOSE

    The Cloud Security Leader (Deputy Chief Information Security Officer - CISO) will be an integral member of the Information Technology (IT) leadership team focused on Canoo's overall Cloud Security posture, DevSecOPs, Enterprise Identity and Access Management (IAM), detailed technical standards and playbooks, and implementing tools to improve the security of cloud workloads and Access Management.

    The Deputy CISO will architect and manage the secure operation of the Canoo's cloud based technical infrastructure. This role includes responsibility for technical security implementation, administration of security systems, creating and maintaining accurate technical documentation and a lead role communicating our technical solutions with internal compliance and external security auditors. If you have passion for cutting edge cloud services, deep interest in cybersecurity architecture and information security technologies, can convert complex requirements into efficient designs, and enjoy working in a fast-paced environment with talented engineers then Canoo is for you.

    The ideal candidate must have hands-on experience with:

    • Python scripting
    • AWS CLI's and API's
    • IAM tools (e.g., Saviynt, SailPoint, Okta, ForgeRock, etc.)
    • AWS infrastructure and development
    • AWS security
    • AWS incident triage/containment
    • Cloud penetration testing
    • AWS IAM (e.g., provisioning, de-provisioning, reconciliation, continuous compliance, AWS Landing Page, Role Adoption, IAM Policy compliance, re-certification, etc.)
    • Enterprise IAM (e.g., provisioning, de-provisioning, reconciliation, continuous compliance, re-certification, etc.)
    • CI/CD
    • Secure Development Pipeline implementation (e.g., Container Security, SAST, Secrets Management, Developer Training, etc.)

    While this is a leadership role, Deputy CISO will be expected to define their backlog and hands-on ownership and execution of parts of their Agile backlog. 

    RESPONSIBILITIES

    • Develop and deploy Cyber Security components for Software Engineering (“DevOPs”) teams to adopt and leverage
    • Monitor the Cyber Security of all cloud environments, including AWS, Azure, and 0365 workloads
    • Collect and report on Cyber Security operational metrics for each DevOPs team
    • Work collaboratively with DevOPs teams to define a Secure Development pipeline
    • Work collaboratively with DevOPs teams to define and formalize detailed cloud security technical standards and guidelines
    • Develop and deploy compliance checking capabilities to continuously identify DevOPs teams not leveraging Cyber Security components, or complying with Cyber Security technical standards and guidelines
    • Research Cyber Security trends and emerging technologies, identify our business and technical requirements, perform technical evaluation and support deployment of Cyber Security solutions
    • Develop and implement Cyber Security scripts and tools to streamline routine security processes, while maintaining Cyber Security Gitlab repo and AWS Cyber Security account
    • Implement and manage Security Dashboard, including a cloud-based SIEM solution
    • Partner with various teams to identify, plan, and implement security best practices in their respective areas
    • Implement and manage an IAM systems, governing access to all Canoo systems
    • Implement and manage Static and Dynamic Code Analysis program in CICD pipelines
    • Manage Penetration Testing program
    • Research and analyze application behaviors and improving security and stability

    EXPERIENCE

    • Must have hands-on, and current expertise-level skills as a developer (Java or Python)
    • Must have hands-on experience with cloud security forensics and analysis of security threats and events, and be able to perform penetration testing in the cloud
    • Hands-on experience with distributed version control systems (e.g., Git/Stash)
    • Hands-on experience with Docker, Github/Gitlab, Jenkins, ELK and deploying applications on AWS
    • Hands-on experience deploying and managing infrastructure with Terraform (Note:  Candidate must have ability to create and apply Terraform scripts)
    • 3 – 5 years of hands-on experience building, maintaining, and securing AWS environments (e.g., VPC's, EC2, EKS, serverless, IAM/Network policies, AWS Access Management, SCPs, etc.)
    • Experience deploying and managing IAM solutions
    • BS degree in Computer Science / Engineering or a related field, or equivalent experience
    • Deep understanding of Internet protocols including TCP/IP and HTTP
    • Experience with securing the software development life cycle, from requirements to design, implementation, testing, and release
    • Ability to work on multiple projects at a time in a fast-paced environment

    WHAT'S COOL ABOUT WORKING HERE... 

    • Work in a high-growth start-up company that will redefine urban mobility 
    • Be part of an inspirational, energetic, collaborative, authentic, and diverse environment 
    • Participate in excellent benefits and a flexible PTO policy 
    • Participate in the Employee Equity Compensation Plan 
    • Enjoy a casual workplace with an unbelievable feeling of energy

     

    CANOO IS AN EQUAL OPPORTUNITY-AFFIRMATIVE ACTION EMPLOYER AND CONSIDERS ALL QUALIFIED APPLICANTS FOR EMPLOYMENT BASED ON BUSINESS NEEDS, JOB REQUIREMENTS AND INDIVIDUAL QUALIFICATIONS WITHOUT REGARD TO RACE, COLOR, RELIGION, SEX, AGE, DISABILITY, SEXUAL ORIENTATION, GENDER IDENTITY OR EXPRESSION, MARITAL STATUS, PAST OR PRESENT MILITARY SERVICE OR ANY OTHER STATUS PROTECTED BY THE LAWS OR REGULATIONS IN THE LOCATIONS WHERE WE OPERATE. 

    Any unsolicited resumes or candidate profiles submitted in response to our job posting shall be considered the property of Canoo Inc. and its subsidiaries and are not subject to payment of referral or placement fees if any such candidate is later hired by Canoo unless you have a signed written agreement in place with us which covers the applicable job posting.