• Full Time
  • Surrey

Website u-blox

To strengthen the security of our customer facing cloud services, we’re looking for an accomplished Senior AWS Cloud Security Engineer, with demonstrated success in defining, implementing and maintaining security frameworks for complex deployment in the Amazon cloud. In this role you also will represent the u-blox Corporate Security Organization in the Services Product center, and collaborate with security experts from other Product Centers in the Product Security Horizontal Team. You will be accountable for driving implementation of Product Security Standards and Policies within the Services Product Center.

This position is an excellent opportunity to apply a broad range of technical and management skills, drive development of secure services to customers in the IoT arena and contribute to u-blox wide security policies and standards.

Your responsibilities

  • Drive the definition of Security Policies, Processes and Standards in the Product Center and implement them in our customer facing services by coding or configuring the proper tools
  • Participate in architecture reviews of IaaS/PaaS/SaaS solutions and provide inputs on properly secure them
  • Support the development teams with Threat Modeling, Security Risk Assessments, Security Requirements definition, Security Architecture, and Security Testing
  • Coordinate Vulnerability Handling and Incident Response related to our cloud services
  • Coordinate 3rd party penetration tests & security reviews on our cloud services
  • Represent the Corporate Security Organization in Services Product Center
  • Support definition of u-blox-wide Security Policies, Processes and Standards
  • Interface with customers to answer security questions related to our cloud services

Your skills and experience

  • Deep knowledge on key security concepts, including usage of Key Management Service (KMS), Symmetric/Asymmetric cryptography, Authentication/Authorization mechanisms, Identity and Access Management (IAM) policies and roles, Secured Network Architectures and CIS foundation best practices
  • Min. 2 years of experience as AWS cloud security engineer or comparable role and very familiar with at least 7 of the following AWS tools: CloudWatch, CloudTrail, Config, GuardDuty, WAF, KMS, Shield, Inspector, IAM, Secrets Manager, Systems Manager Parameter Store, Detective, CloudHSM, Certificate Manager
  • Min. 5 years of experience in cloud development and/or software/cloud architectures and/or project management
  • Experience with Scrum Agile framework
  • Hand-on experience on AWS tools including at least 7 of the following: VPC, S3, DynamoDB, ElastiCache, EC2, ECR, ECS, ELB, Cognito, Fargate, API Gateway, Lambda, SQS, VPC, PrivateLink.
  • Hand-on experience on Docker containers
  • Very proficient in at least one of the following programming languages: Python, Java, C#, Javascript, Go
  • Knowledge of DevOps concepts like continuous integration and delivery and hands-on experience with infrastructure-as-code tools like Terraform or Cloudformation.
  • Degree in Engineering or Scientific Fields, specific security certifications would be a plus (e.g. CISA, CISSP, CEH, OSCP…)
  • Ability to work independently with minimal direction; self-starter/self-motivated
  • Strong team player, very good analytical skills and able to handle multitasking within a fast moving environment
  • Experienced in communication, training and coaching, negotiating and handling conflict situation
  • Very good English skills, both spoken and written