Clearwater Analytics® is a global SaaS solution for automated investment data aggregation, reconciliation, accounting, and reporting. Clearwater helps thousands of organizations make the most of investment portfolio data with cloud-native software and client-centric servicing. Every day, investment professionals worldwide trust Clearwater to deliver timely, validated investment data and in-depth reporting.
In this role, you’ll join a team of security analysts and engineers responsible for the infrastructure our customers use internally and externally to run the business with observability, scalability, security and capacity planning as main functions. The team you’ll be on and help grow is a talented and diverse group of engineers focused on providing a highly secure platform used by Clearwater’s engineering teams to deliver cutting-edge features.
What you’ll be doing:
Designing, implementing and securing solutions for end to end security in a CI/CD pipeline
Develop secure-by-design cloud infrastructure configurations/policies to prevent new cloud security issues
Build automated alerting and remediation workflows for cloud security issues
Collaboratively develop & implement solutions that empower teams to deliver secure infrastructure at scale
Automating enforcement of Cloud compliance policies.
Stay current on emerging threats, vulnerabilities and controls
Identifying, investigating and responding to cyber threats, incidents and anomalies.
Identifying and prioritizing security vulnerabilities in our environment and helping to drive remediation.
Making recommendations for necessary changes to our security controls to address emerging security threats.
3 years experience in information security and/or cloud engineering/operations
Ability to assess and appropriately prioritize risk associated with public cloud infrastructure and operations
Experience with security operations and incident response in public cloud environments (especially GCP)
Professional experience in security operations and incident response
Proficiency with at least one programming language (ex: Python)
Nice to have:
Knowledge of SDL best practices
Expertise in web application security (OWASP Top 10)