About the company:
Citrix, as a premier cloud company, enables mobile workstyles. We are pioneering new ways to connect people and information on-demand from anywhere in the world. With the rapid evolution of both the workplace and workforce, our aspiration is to create a seamless continuum between work and life so that our clients are free to work wherever, whenever, and however they choose.
We need you to:
Play a critical role in our cloud cyber security function to ensure customer data is secure and private, that Citrix systems are protected in the cloud.
You will establish best-practices and execute critical cyber security operations activities - incident response, vulnerability management, analysis, threat hunting, event management, and recovery using a DevSecOps model, integrating Engineering, DevOps, SRE and Cybersecurity Operations into a secure cloud service delivery program.
Work across Product and Support teams to ensure Citrix Cloud Services are secured and protected.
Drive technical service improvements to meet security goals.
Partner with other functions to drive a Release Engineering capability to deliver secure cloud services.
Engage with security vendors to ensure we are using the necessary tools to deliver secure cloud services.
Experienced security engineer with cloud and cybersecurity operations background to support 24x7 global delivery of secure Citrix Cloud services.
Able to work across multiple applications, cloud providers and technology stacks to support an effective Cloud Cybersecurity Operations organization
Participate in a team of Cybersecurity Managers, Engineers, Analysts, and SREs on day-to-day duties as well as work with leadership team on strategic initiatives
Provide hands-on technical expertise to design, engineer, deploy, and deliver secure Cloud services including driving improvements in technical architecture, standards and processes.
Experienced with SIEM, SOAR and other cloud cyber security tools such as Splunk, Alert Logic, Dome9.
Bachelor’s degree in computer science, related field, or equivalent work experience;
AWS Solutions ArchitectorAzure Solutions Architect certifications;
4+ years demonstrable experience in AWS and 2+ years in Azure.
Working knowledge of security engineering and operations.
Familiarity with industry regarded security incident response practices.
Demonstrated hands-on experience with AWS Cloud Security Services and Practices.
Demonstrated hand-on experience with Azure Identity and Access Management.
Experience conducting security reviews, threat models, and assessments for Cloud Solutions.
Familiarity with industry benchmarks and certifications such as CIS, SOC2, FedRAMP, etc.
Knowledge of Linux and Windows systems administration and architecture.
Experience developing serverless (e.g. AWS Lambda) and containerized (Docker) microservices architectures.
Proficiency with Python (2 & 3), PowerShell, and Bash (other scripting/dev languages a plus, particularly JS).
Experienced with data analysis, centralized logging (Splunk, ELK, Rsyslog, etc.).
Automation guru—if you’re not interested in designing AND developing security automation, this role is not for you.
Willingness to answer the phone at 0300 to respond to and handle any security incident that arises.
You will be successful in this role if you:
Work with engineering, DevOps and other teams to own design and implementation of security related tools, components and services.
Provide expert advice and consultancy to internal customers on risk assessment, threat modeling and fixing vulnerabilities.
Solid experience and technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security.
Knowledge of threat modeling or other risk identification techniques.
Knowledge of application security vulnerabilities and remediation techniques.
Knowledge of network and web related protocols (e.g., TCP/IP, TLS, routing protocols).
Several years of cloud security experience including architecture and code reviews.
Experience working with development team(s) that delivered commercial software or software-based services. (development, QA testing, or security role)
Evangelize security and be an advocate for customer trust.
Develop training materials for general security awareness and specific security technology training.
To apply for this job please reach out to firstname.lastname@example.org