Overview
Skills
Job Details
Cloud Security Operations (Cloud Sec Ops) owns the operationalized governance of security operations and controls within the lululemon cloud infrastructure. This organization owns the 24/7 monitoring of the lululemon firewall policies/activities, network port volume (canaries), cloud provider security policies, and scan for policy variations within the lululemon landscape.
Cloud SecOps Sr Engineer - will work with archetects on frameworks for cloud envrioments, systems, and tools. The Sr Engineer, will be the voice of security standards and policy best practices across the lululemonCloud space. They will work closely with security teams to establish policies and gaurdrails for the cloud enviroment and create the coresponding campaigns required to drive governance.
Cloud SecOps Sr Sec Engineer - will mature the tools, metrics, and dashboards required to build security awareness and Security Campaign directions. Sr Sec Engineer will also own the remidiation best practices and creation of runbooks for service owners support in partnership with the Cloud SecOps PM.
Success will allow for monthly business reviews looking at range for policies and security trends that need to be proactivly scanned for and alerted on prior to impact.
Cloud Security and Security escalations best practices from having worked within a Sec Operations field or organization. Working through ambiguous data rich enviroments and be able to synthezie security "So What" stories and justifications for general business partners.
Has worked within a security engineerining capacity for a company that leverages cloud infrastucture from AWS, Google, Oracle, and Azure.
Business initiative documents, decks, and security awareness material. Security inititive (Weekly / Monthly) business review reports, and additionally programatic situational awareness (Sit Rep) reports as needed. Budgeting forecast and financial gaurdrails for the organization in partnership with the Manager of Cloud SecOps.
Produce: security awareness material, automation or mechanisms for detection and mitiation of non-compliant actions in the enviroment.
Deliver: security inititive (Weekly / Monthly) business review reports, and additionally programatic situational awareness (Sit Rep) reports as needed.
Manage and Drive: proactive security gaurdrails for the organization in partnership with the Manager of Cloud SecOps
Mature and scale the technical operationalization of Cloud Security
Advises and direct other engineers within the company on the "so what" and "why" policies are in place. Assist the service teams within the company of prioritizing time commitments and program needs, in order to drive close to alerts.
Builds roadmaps; to scale for the next phase.
Ensures peers, partners, and stakeholders are aligned and tracking on the Cloud SecOps security mission.
Building mechanisms to ensure transparency in operations and direction with stakeholders.