Overview
Skills
Job Details
Primary Offerings:
Wiz Cloud: This is their core offering, focused on providing agentless visibility and risk prioritization to proactively reduce the attack surface in cloud environments. It includes features like:
Agentless Visibility: Connects to cloud environments via APIs to provide full-stack visibility across VMs, containers, serverless functions, and data stores without deploying agents.
Security Graph: Analyses the relationships between cloud resources to identify toxic combinations and attack paths.
Risk Prioritization: Focuses on the most critical risks based on potential impact and likelihood of exploitation.
Compliance Monitoring: Helps organizations meet compliance requirements like PCI DSS, HIPAA, and SOC 2.
Wiz Code: This offering focuses on securing cloud development by providing unified visibility and security across code, CI/CD pipelines, and cloud environments. It helps to:
Shift Left: Identify and address security issues earlier in the development lifecycle.
Correlate Code to Cloud: Connect code vulnerabilities to cloud resources and configurations to understand the potential impact.
Harden Cloud Infrastructure: Provide recommendations for hardening cloud configurations based on code analysis.
Wiz Defend: This is their cloud threat detection and response offering, providing runtime protection and threat detection capabilities. It helps to:
Detect and Respond to Threats: Identify and respond to active threats in real-time.
Protect Runtime Environments: Secure cloud workloads during runtime.
Key Skills for Resources:
Cloud Computing Expertise: Deep understanding of cloud platforms like AWS, Azure, and Google Cloud Platform, including their services, architecture, and security best practices.
Cloud Security Knowledge: Strong understanding of cloud security concepts, threats, and vulnerabilities, including identity and access management (IAM), network security, data protection, and compliance frameworks.
DevSecOps Understanding: Familiarity with DevOps principles and practices, and how to integrate security into the development lifecycle.
Scripting and Automation: Proficiency in scripting languages like Python or PowerShell for automating tasks and integrating with cloud APIs.
Security Tools and Technologies: Experience with other security tools and technologies, such as vulnerability scanners, intrusion detection systems, and security information and event management (SIEM) 1 systems.
Data Analysis and Visualization: Ability to analyse security data, identify trends, and present findings in a clear and concise manner.