Tala is hiring a
Lead SecOps Engineer

Summary

Tala is seeking a Secops Engineer to design, implement, and maintain infrastructure and application security solutions on AWS public cloud environments using DevSecOps mindset. The role involves driving the design of defense-in-depth security solutions for their customer-facing SaaS platform, working closely with various teams, and providing thought leadership.

Requirements

• B.S. Degree in Computer Science or related field or equivalent combination of professional development training and experience
• 5-7 years of previous experience deploying and administering security infrastructure in GCP or AWS public cloud environments, using Infrastructure as Code required
• In-depth hands-on experience with at least one public Cloud platform (AWS or GCP) with advanced knowledge of securing IaaS platforms and services like WAFs, Security Groups, EC2/Compute, EKS/GKE, ECR/GCR, S3/Cloud Storage, RDS/Cloud SQL, Logging and Monitoring
• Prior experience working closely with Product, DevOps and CloudOps' Site Reliability Engineers on shift-left strategies, CI/CD tools and solutions needed
• Security experience in a cloud native environment in one or more areas: authentication, access management, API security, Linux security, vulnerability scanning, threat and intrusion detection, firewalls, WAF, encryption technologies, container security etc
• Experience using a programming language such as Python for automation (would be a plus)
• Security certifications such as AWS, GCP , CISSP, CEH, OSCP preferred

Responsibilities

• Driving the design and implementation of defense-in-depth infrastructure and application security solutions for our customer facing SaaS platform in AWS public cloud environments
• Driving architecture, implementation, configuration and automation of native and third party cloud security solutions for hardening, detection, prevention, logging and response solutions for security vulnerabilities and threats

Benefits

• Excellent verbal and written communication skills and ability to document and explain technical details and concepts clearly and concisely
• Agility and willingness to deal with a high level of ambiguity, change, and pressures of high-profile incidents
• Flexibility to pitch in where needed across program and team
• Strong influence and teamwork skills; sound problem resolution, judgment, negotiating, and decision-making skills
• Strong knowledge of industry standards, vulnerability classifications, and attack vectors
• Experience working effectively with global teams in multiple time zones