Principal Cyber Security Engineer

Summary

Join Raft, a customer-obsessed company focused on Distributed Data Systems, Platforms at Scale, and Complex Application Development, as a Principal Cyber Security Engineer. This U.S.-based position requires U.S. citizenship and work within the continental U.S. You will leverage DevSecOps to secure platform features deployed on a hybrid infrastructure. The role demands experience in application security, cloud security (AWS), containerization (Kubernetes), and Identity and Access Management. You will manage access certifications and collaborate with clients and stakeholders. A competitive salary and benefits package are offered.

Requirements

• Bachelor Degree in computer science, Mathematics, or equivalent technical degree; or equivalent industry experience
• Five-plus (5+) years of experience with Terraform, SIEM, AWS
• Five-plus (5+) years of experience in managing multiple AWS environments (VPCs, firewalls, IAM, GuardDuty, Cloud Trail, WAF)
• Five-plus (5+) years of experience leading teams building and developing containerized services deployed in production on orchestration platforms such as Kubernetes, Mesos, etc
• Five-plus (5+) years of experience as an administrator and maintainer of Kubernetes clusters, including upgrading, troubleshooting, and deploying applications via GitOps (such as Flux, ArgoCD, or Fleet)
• Three-plus (3+) years of experience in Identity and Access Lifecycle Management Operations and Controls using tools like Okta or Keycloak
• Resume demonstrates deep understanding of modern microservices architectures, design patterns, resiliency techniques, and optimizations
• 3+ years' experience with modern programming languages such as Java, Python, or Go
• Managed infrastructure and developed APIs/platform services for tenants to use container services
• Linux Operating experience
• Experience with at least one agile methodology, including Scrum or Kanban
• Active Secret security clearance required

Responsibilities

• Build and secure applications at an Individual Contributor Level
• Understand all phases of application and service release lifecycle as part of the DevSecOps methodology
• Utilize DevSecOps methodology to successfully secure Platform features/capabilities that are deployed onto a Hybrid infrastructure consisting of onprem and commercial cloud environments
• Manage, report, and facilitate certification of access for all in-scope resources (including SaaS, AWS, Azure, CSS managed applications, tools, and systems)
• Work closely with the client and other key stakeholders to provide strategic input and help navigate needs and tradeoffs to build extensible digital solutions
• Enjoy collaborating with the team to plan story points, sprint themes, etc
• Obtain Security+ within the first 90 days of employment with Raft

Preferred Qualifications

• Three-plus (3+) years of experience in automated security tooling such as SCA, SAST, DAST, IAST such as Snyk, Checkmarx, GitLab / AWS Security
• Knowledge of NIST RMF and ATO process within the DoD or other highly regulated environments following similar compliance frameworks & security requirements

Benefits

• Highly competitive salary
• Fully covered healthcare, dental, and vision coverage
• 401(k) and company match
• Take as you need PTO + 11 paid holidays
• Education & training benefits
• Generous Referral Bonuses