Senior Cloud Security Engineer

We are looking for an exceptional security engineer to strategize, design, and guide the implementation of our rapidly expanding security capabilities to secure applications and data in multi-/hybrid-cloud environments. With superb technical competency in the areas of cloud, Application, and data security, and Identity and Access Management, you'll lead and partner with an innovative and passionate team of engineers to create and implement effective, cost-efficient, and low-friction security solutions using cutting-edge technologies.

What You'll Do

• Lead strategic initiatives to mitigate and remediate infrastructure security risk across the organization
• Implement & Instrument security controls and tooling across cloud infrastructure to uplevel the security posture
• Develop and implement enterprise-level Access Control, Provisioning, and SSO solutions ensuring users provisioned with right level of access adhering to principle of least privilege
• Work on a cloud native environment leveraging Containerized Workloads, Serverless Architecture and Automated CICD Pipeline to manage Infrastructure-as-a-Service
• Perform Scripting and Coding to build security tooling and for automating redundant tasks.
• Use terraform to deploy security baseline controls, perform code reviews, and provide recommendations for improved security.
• Research and advocate new technologies, architectures, and security products that will support security strategies, patterns, and standards and help address new threat vectors
• Implement, Administer and Instrument cloud and infrastructure security platforms like IAM, PKI, WAF, Egress and Network firewalls across cloud infrastructure
• Deploy and Manage Network and Endpoint security solutions (e.g. management frameworks, EDR tools)
• Enhance monitoring on user activity and enforce the principle of least privilege for all identities running within the cloud.
• Define, document and implement security standards, guidelines and procedures for secure operations in a cloud infrastructure environment.
• Be part of the On-Call Support for addressing security tickets and serve as a Security System SRE on a rotational basis
• Collaborate with engineering and operations teams toward implementing controls and processes that address identified gaps
• Identify and remediate security vulnerabilities and incidents

What we expect:

• BS or equivalent. Minimum of 8+ years of experience in security engineering.
• Strong understanding of cloud security technologies, their operation and limitations including: Access Controls, Authentication/Authorization Controls, Perimeter Security, Container Security, PKI and Egress controls.
• Experience with building scalable cloud security solutions that are well instrumented
• Deep and strong experience within identity and access management technology. SAML, OAuth/OAuth2, OpenID Connect, MFA mechanisms, SSO, OIDC, risk-based authentication, data encryption, and session management
• Experience working with a variety of products in IAM stack such as Okta, Ping Identity, Sailpoint, Active Directory and LDAP etc.
• Skilled in Java, Python, Go and programming automation.
• Deep technical expertise on public cloud environments like GCP, AWS and Azure
• Effective communication and interpersonal skills to collaborate with stakeholders across organization and provide guidance on security architecture
• Experience presenting technical security content to a large group and leadership.

Pay Transparency Notice: 

Credit Karma’s mission of championing financial progress for all starts from within. That’s why we implemented role-based compensation, which ensures people who are in the same role receive the same pay with variations for geographic location only. It’s all part of a more comprehensive DEI strategy that helps level the playing field. The base salary range for this role is $240,000 - $270,000, plus equity and benefits. 

Benefits at Credit Karma includes:

• Medical and Dental Coverage
• Retirement Plan
• Commuter Benefits
• Wellness perks
• Paid Time Off (Vacation, Sick, Baby Bonding, Cultural Observance, & More)
• Education Perks
• Paid Gift Week in December

Equal Employment Opportunity:

Credit Karma is proud to be an Equal Employment Opportunity Employer. We welcome all candidates without regard to race, color, religion, age, marital status, sex (including pregnancy, childbirth, or related medical condition), sexual orientation, gender identity or gender expression, national origin, veteran or military status, disability (physical or mental), genetic information or other protected characteristic. We prohibit discrimination of any kind and operate in compliance with applicable fair chance laws. 

Credit Karma is also  committed to a diverse and inclusive work environment because it is the right thing to do. We believe that such an environment advances long-term professional growth, creates a robust business, and supports our mission of championing financial progress for everyone. We offer generous benefits and perks with a single eye to nourishing an inclusive environment that recognizes the contributions of all and fosters diversity by supporting our internal Employee Resource Groups. We’ve worked hard to build an intensely collaborative and creative environment, a diverse and inclusive employee culture, and the opportunity for professional growth. As part of the Credit Karma team, your voice will be heard, your contributions will matter, and your unique background and experiences will be celebrated.

Privacy Policies:

Credit Karma is strongly committed to protecting personal data. Please take a look below to review our privacy policies:

• GDPR Privacy Policy
• U.S. Job Applicant Privacy Notice