Remote Security Policy Engineer (m/w/d)

Description:

• Mondoo is seeking a skilled Security Policy Engineer to join their dynamic team, focusing on enhancing the security of their platform.
• The role involves translating complex security requirements into code and implementing security policies across the infrastructure.
• Responsibilities include collaborating with various teams to ensure systems meet high security standards and automating security practices through a "policy as code" approach.
• Key tasks include developing and maintaining security policies, integrating them into CI/CD pipelines, designing automated security checks across cloud environments, and conducting security assessments.
• The engineer will also contribute to internal security tools, optimize existing policies, and provide guidance on best practices.

Requirements:

• A Bachelor's degree in Computer Science, Cybersecurity, or a related field is required.
• Candidates must have 3+ years of experience in security engineering or policy implementation.
• Strong programming skills in at least one language such as Go, Python, or Java are necessary.
• Experience with policy as code frameworks like Open Policy Agent or HashiCorp Sentinel is required.
• Proficiency in writing and maintaining infrastructure as code using tools like Terraform or CloudFormation is essential.
• A solid understanding of cloud security principles and best practices is needed, along with knowledge of at least one major cloud platform (AWS, Azure, or GCP).
• Extensive experience with Linux and Windows operating systems is required.
• Candidates should have an in-depth understanding of TCP/IP networking protocols and concepts.
• Experience with container technologies and orchestration, such as Docker and Kubernetes, is necessary.
• Familiarity with common compliance standards like CIS, SOC 2, ISO 27001, and HIPAA is required.
• Experience with version control systems, preferably Git, is essential.
• Excellent problem-solving and analytical skills are necessary, along with strong written and communication skills in English.
• The ability to articulate complex security and IT concepts to both technical and non-technical audiences is required.

Benefits:

• The position offers the opportunity to work remotely from Germany or Bulgaria.
• Employees will have a direct impact on the Mondoo Platform and its security practices.
• The role provides a chance to collaborate with various teams and contribute to the continuous improvement of security processes.
• Employees will stay up-to-date with emerging security threats and best practices in policy as code.
• The company encourages sharing of GitHub/GitLab repositories or project portfolios, showcasing experience in security policy implementation and cloud security tools.