Description:

Guidewire Software is seeking a Senior Security Engineer to design, build, and maintain infrastructure technologies with a focus on security.
The role requires acting as a Domain Expert in providing guidance on security best practices, particularly in an AWS environment.
Responsibilities include partnering with various teams to implement security best practices, embedding security requirements into DevOps environments, and maintaining secure cloud environments.
The engineer will represent the Security Team in Security and Change Management Review Boards and act as a hands-on technical Security Subject Matter Expert (SME).
The position involves leading initiatives to improve security posture, guiding junior team members, and contributing to the advancement of security knowledge through publications and presentations.
On-call support and participation in the Incident Response Team are also part of the role.

Requirements:

Candidates must have 5-7 years of experience in Information Security, specifically in building and operating secure infrastructures, with a focus on DevSecOps.
A deep understanding of secure product development practices, including threat modeling, secure design principles, and security testing, is required.
Familiarity with enterprise security controls for Windows, Linux, and Mac systems is necessary.
Proficiency in cloud security concepts, particularly with AWS and GCP, as well as networking and architecture is essential.
Experience working with product and DevOps Engineers on security requirements is mandatory, with a strong emphasis on AWS.
Excellent communication, collaboration, and interpersonal skills are required, along with the ability to articulate complex security concepts in simple terms.
Candidates should have the ability to lead initiatives, influence junior engineers, and manage change effectively.
In-depth knowledge of TCP/IP networking and experience with CI/CD tools, programming languages (Python or Go), infrastructure as code languages (Terraform or CloudFormation), and configuration management tools (Ansible, Salt, Puppet, or Chef) is expected.
Experience with Cloud Security services such as IAM, CloudTrail, and GuardDuty is also required.

The position offers the opportunity to work in a remote environment, providing flexibility and work-life balance.
Employees will have the chance to lead major security initiatives and contribute to the overall security program of the organization.
There is potential for professional growth and development through mentorship and guidance of junior team members.
The role allows for collaboration with various teams across the organization, enhancing cross-functional skills and knowledge.
Employees will be part of a dynamic team focused on improving security posture and advancing security domain knowledge.