Senior Cloud Cyber Security Engineer

Overview

We are seeking a full-time Senior Cloud Cyber Security Engineer in our Olathe, KS location. In this role, you will be responsible for ensuring adherence to Garmin's cloud information security strategy, programs, and best practice. Create scoping, designing, and implementation of technical cloud security controls (CNAPP, CSPM, CWPP), threat management, vulnerability management, cloud platform protection controls, and logging. A Senior Cloud Security Engineer must respond promptly and effectively to possible breaches of security in the Garmin cloud ecosystem.

Essential Functions

• Serve as an experienced technical resource for cloud services running on Azure and/or AWS
• Provide security-focused technical guidance to engineers running services in the public cloud
• Partner with the business to ensure services deployed in the cloud are secure, available, and meet Garmin and regulatory requirements for security
• Provide experienced technical guidance in operating and utilizing advanced cloud security tools, including cloud native application protection platform (CNAPP) tooling, to identify, analyze, and prevent public cloud exploits
• Provide experienced technical guidance in automating manual tasks with at least one scripting language Python, PowerShell, or BASH
• Provide experienced technical guidance in utilizing IAC templates such as JSON, ARM, Bicep, Cloud Formation
• Perform in-depth security assessment testing for Garmin's cloud platforms, cloud compute, repositories, and containers on a global scale
• Participate and lead regular security audits from both a hands-on and theoretical standpoint.
• Provide experienced technical guidance on modern security, infrastructure, software development, and application technologies
• Support security capabilities for microservice and cloud-native applications in a CI/CD automated, multi-tenant application environment
• Automate deployments through CI/CD tools such as GitHub Actions and Jenkins
• Utilize and secure code and image repositories such as GitHub, Bitbucket, Harbor, Docker Hub, ACR, and ECR.
• Operate and secure enterprise level container-based systems in public and private cloud environments (EKS, AKS, OpenStack, Docker, CRI-O, Kubernetes, etc.)
• Deploy, manage, and secure public cloud infrastructure such as network, storage, databases, compute, and application load balancing
• Provide in-depth guidance, training, and mentoring to members as well as perform a leadership role to improve the overall capabilities of the team
• Participate and lead in special projects concerning cloud information security, including identifying new solutions, testing, and implementation of security capabilities
• Utilize program and project management best practices to drive large-scale projects to completion
• Identify associate development and training needs and ensures that training, mentoring, and hands-on assistance is available to raise the skill level of cyber security associates
• Lead the evaluation, cost analysis, and vendor comparisons for new and existing security tooling
• Communicate effectively regarding system operations and environment changes
• Drive adherence to SOX, PCI, and other regulatory requirements as dictated
• Ensure that all security requirements are met or exceeded
• Provide significant contributions to defining team roadmap and priorities
• Develop reliable solutions to complex problems which require the regular use of ingenuity and creativity
• Develop a broad understanding of Garmin's business model, including Engineering, Operations,
• Finance, Sales and Marketing
• Research new technologies and propose cost effective solutions
• Facilitate team discussions and meetings

Basic Qualifications

• Bachelor's Degree in Computer Science, Information Technology, Management Information Systems, Business or another relevant field AND a minimum of 5 years relevant experience OR equivalent combination of education and relevant experience
• Demonstrated experience with public cloud services, with a focus on security
• Demonstrated experience with container-based platforms and related services
• Demonstrated experience with developer tooling such as code repositories and CI/CD platforms
• Demonstrated strong and effective verbal, written, and interpersonal communication skills in a small team setting
• Must be team-oriented, possess a positive attitude and work well with others
• Driven problem solver with proven success in solving difficult problems
• Excellent time management and follow-up skills
• Consistently demonstrates quality and effectiveness in work documentation and organization

Desired Qualifications

• Exceptional working knowledge of cloud environments and security principles
• Certifications in public cloud technologies (Azure Solutions Architect Expert, AWS Solutions Architect Associate, etc.)
• Certifications in cybersecurity (CISSP, CCSP, etc.)

Garmin International is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, citizenship, sex, sexual orientation, gender identity, veteran's status, age or disability.

This position is eligible for Garmin's benefit program. Details can be found here: Garmin Benefits