Cloud Security Engineer

Cloud Security Engineer
Company Description
Snow Software is the global leader in technology intelligence solutions, ensuring the trillions spent on all forms of technology is optimized to drive maximum value. More than 4,000 organizations around the world rely on Snow's platform to provide complete visibility, optimize usage and spend, and minimize regulatory risk. Headquartered in Stockholm, Snow has more local offices and regional support centers than any other software asset and cloud management provider, delivering unparalleled results to our customers and partners.


Job Description
We want to operate, our services to a level that exceeds customer expectations and speaks to the trust our customers and partners have placed in us. The purpose of this role is to operate as an Infrastructure and Application Security Specialist to ensure Snow's runtime (i.e., production) SaaS platforms, and on-premise software offerings are proactively monitored and managed to avoid data loss and other security-related issues that could arise.
The role holder will work on a variety of application development projects, and work as part of the Security Engineering Team responsible for keeping our Product pipelines (SDLC) and customer platforms safe from malicious threats developing on the horizon and championing security best practices and techniques that help mature Snow's overall security posture.
Key accountabilities and decision ownership
Secure by Design, strong knowledge of cloud Infrastructure stacks (AWS, AZURE, GCP) - K8S, Containers, Software Firewalls (WAF, Fast DNS, CDN etc)
IAM - IdP, AD, Rule, Role, and Policy-based Access Controls
Networking, IP, WAN, BGP, NSG's, Subnet, IP Addr tables, Express routes, P2P Site-site VPN.
Strong knowledge of DevSecOps principles
Knowledge of offensive and defensive security tools, techniques, and principles
Maintain and manage Penetration Testing, Threat modeling and Assessment, Bug bounty programs


Core competencies, knowledge, and responsibilities
Mentoring, Coaching, and educating developers to drive security champions within Snow
Awareness and alignment with CSTAR (CCM), Soc2, ISO, NIST, OWASP, CIS benchmarking
Good Security hygiene on SDLC and shift left controls
Knowledge of ATT&CK, NIST and STRIDE
Acting as a subject matter expert for App and Infra security (Both to SoC team and wider Snow engineering and development)
Knowledge of attack techniques, threat landscape, threat actors (Desirable qualification could be Security+, CEH, or similar)
Participate in IRP
Create and contribute to security playbooks that can be automated in the future (SOAR)


Qualifications
Degree/Masters in a Security Related discipline
Azure Certified Security Associate
CKS - Kubernetes
Microsoft Azure (AZ-500, AZ-400, AZ-305)

Additional information
This is a chance for you to accelerate your career and succeed in an environment where you will have the possibility to make a daily impact. Every day you will get to work alongside helpful and down-to-earth colleagues who are dedicated and ambitious. We fully recognize that it is our employees that make Snow a success and the global leader in the development and delivery of dedicated SAM solutions. If you are the right person for the role we will offer you exciting and developing assignments and you will get to be part of a fantastic journey within a dynamic high-growth business.