Cloud Security Engineer
- Solna, Sweden
- Employees can work remotely
Snow Software is the global leader in technology intelligence solutions, ensuring the trillions spent on all forms of technology is optimized to drive maximum value. More than 4,000 organizations around the world rely on Snow's platform to provide complete visibility, optimize usage and spend, and minimize regulatory risk. Headquartered in Stockholm, Snow has more local offices and regional support centers than any other software asset and cloud management provider, delivering unparalleled results to our customers and partners.
We want to operate, our services to a level that exceeds customer expectations and speaks to the trust our customers and partners have placed in us. The purpose of this role is to operate as an Infrastructure and Application Security Specialist to ensure Snow’s runtime (i.e., production) SaaS platforms, and on-premise software offerings are proactively monitored and managed to avoid data loss and other security-related issues that could arise.
The role holder will work on a variety of application development projects, and work as part of the Security Engineering Team responsible for keeping our Product pipelines (SDLC) and customer platforms safe from malicious threats developing on the horizon and championing security best practices and techniques that help mature Snow’s overall security posture.
Key accountabilities and decision ownership
- Secure by Design, strong knowledge of cloud Infrastructure stacks (AWS, AZURE, GCP) - K8S, Containers, Software Firewalls (WAF, Fast DNS, CDN etc)
- IAM - IdP, AD, Rule, Role, and Policy-based Access Controls
- Networking, IP, WAN, BGP, NSG’s, Subnet, IP Addr tables, Express routes, P2P Site-site VPN.
- Strong knowledge of DevSecOps principles
- Knowledge of offensive and defensive security tools, techniques, and principles
- Maintain and manage Penetration Testing, Threat modeling and Assessment, Bug bounty programs
Core competencies, knowledge, and responsibilities
- Mentoring, Coaching, and educating developers to drive security champions within Snow
- Awareness and alignment with CSTAR (CCM), Soc2, ISO, NIST, OWASP, CIS benchmarking
- Good Security hygiene on SDLC and shift left controls
- Knowledge of ATT&CK, NIST and STRIDE
- Acting as a subject matter expert for App and Infra security (Both to SoC team and wider Snow engineering and development)
- Knowledge of attack techniques, threat landscape, threat actors (Desirable qualification could be Security+, CEH, or similar)
- Participate in IRP
- Create and contribute to security playbooks that can be automated in the future (SOAR)
- Degree/Masters in a Security Related discipline
- Azure Certified Security Associate
- CKS - Kubernetes
- Microsoft Azure (AZ-500, AZ-400, AZ-305)
This is a chance for you to accelerate your career and succeed in an environment where you will have the possibility to make a daily impact. Every day you will get to work alongside helpful and down-to-earth colleagues who are dedicated and ambitious. We fully recognize that it is our employees that make Snow a success and the global leader in the development and delivery of dedicated SAM solutions. If you are the right person for the role we will offer you exciting and developing assignments and you will get to be part of a fantastic journey within a dynamic high-growth business.