Cloud Cybersecurity Engineer

About The Position

Requirements

• Bachelor's degree or equivalent experience
• 3+ years of experience working in security focused roles
• 1+ year of experience with AWS, Azure, or Kubernetes
• Knowledge of cloud-based Identity and Access Management concepts, including AWS Organizations, AWS IAM, AWS Service Control Policies, Azure Entra ID (Entra and Subscription Level RBAC), Azure MyApps, and Azure Policies.
• Hands-on experience using infrastructure-as-code (e.g. Terraform, CloudFormation)
• Familiarity with SAML2, OAuth2, and OIDC for Single Sign On (SSO) with federated identity access brokers (i.e. MyApps, Cognito, KeyCloak).
• Excellent collaboration and communication skills to support the design and implementation of new IAM constructs.
• Experience with modern software development and automation tools like Git and Github Actions
• Experience in at least one modern programming language (e.g., Python, Go, JS, etc.)
• Robust analytical and problem-solving capabilities
• Deliver high quality PRs daily using modern software engineering development and automation tools like Git and CI/CD pipelines (e.g. GitHub Actions)
• Relentless desire to automate the mundane to focus on solving the harder problems
• Ability to put out fires under pressure when things go wrong in production environments and identify and address the root causes of those fires for the future
• Versatility to learn new tools and languages

Nice To Haves

• Cloud Security, IT Security, or related technical field preferred

Responsibilities

• Operate Identity and Access Management (IAM) in Azure, AWS, and Kubernetes using Tanium Cloud's infrastructure-as-code and policy-as-code.
• Contribute to the implementation of Tanium Cloud's IAM strategy and controls in collaboration with Security and Software Engineering teams to enable just-in-time and just-enough access.
• Assess the effectiveness and appropriateness of existing policies and permissions and make recommendations to continuously improve Tanium Cloud's IAM controls.
• Author, test, deploy, and audit the efficacy of AWS IAM policies and Azure Conditional Access Policies tailored to Tanium Cloud to implement strong security controls.
• Support Tanium employees needing assistance with access to Tanium Cloud's environment.
• Stay up to date with the latest IAM security threats, vulnerabilities, and industry trends to proactively enhance security prevention and detection measures.
• Build, cultivate, and maintain positive relationships with internal customers to identify and facilitate solutions to increase the impact of the team's work.

Benefits

• Each of our team members has 5 days set aside as volunteer time off (VTO) to contribute to the communities they live in and give back to the causes they care about most.
• team members will receive equity awards and a generous benefits package consisting of medical, dental and vision plan, family planning benefits, health savings account, flexible spending account, transportation savings account, 401(k) retirement savings plan with company match, life, accident and disability coverage, business travel accident insurance, employee assistance programs, disability insurance, and other well-being benefits.