Our client is seeking a highly technical Manager of Infrastructure Security Engineering to lead and drive the security posture of its core infrastructure. This role requires a hands-on leader with deep expertise in cloud infrastructure security, automation, and large-scale distributed systems. The ideal candidate will have a strong background in AWS, GCP, Kubernetes, Terraform, and Infrastructure as Code (IaC), coupled with proven leadership experience in guiding engineers to build and maintain a secure, resilient, and scalable infrastructure.
Key Responsibilities:
Lead and mentor a team of Infrastructure Security Engineers and help foster a high-performance culture focused on infrastructure security, reliability, and automation across the company.
Architect, implement, and enforce security best practices across AWS and GCP environments to ensure robust protection for cloud workloads, EC2 instances, Kubernetes clusters, networking, and critical services.
Develop and enforce security controls for networking, compute, and storage infrastructure. Incorporate advanaced protocols such as least privilege access, encryption, and compliance with industry best practices.
Drive automation-first initiatives using Terraform (IaC), Python, or Ruby to enhance security configuration, policy enforcement, and proactive infrastructure hardening.
Oversee and enhance security monitoring, logging, and analytics using ELK (Elasticsearch, Logstash, Kibana) and other infrastructure-focused security tools.
Manage and improve GitHub security processes, including securing repositories, to encorce secure CI/CD pipelines and implement best practices for infrastructure codebase management.
Strengthen the organization's threat detection and response capabilities by integrating automated security tooling into infrastructure and cloud environments.
Collaborate with DevOps, IT, and Security teams to embed security into the core infrastructure lifecycle (provisioning through decommissioning).
Key Qualifications:
7+ years of hands-on experience in Infrastructure Security Engineering, with at least 2 years in a leadership or managerial role.
- Bachelor's degree in Computer Science or a related technical field. (Bonus points for advanced degrees!)
Deep expertise in AWS and GCP infrastructure security, including IAM policies, EC2, Kubernetes, cloud networking, and secure storage.
Strong background in Infrastructure as Code (IaC) using Terraform, with a focus on secure infrastructure deployment and lifecycle management.
Proficiency in automation and scripting using Python or Ruby.
Experience securing GitHub environments, including repository security, access controls, and pipeline hardening for infrastructure deployments.
Hands-on experience with logging and monitoring tools such as ELK Stack, Prometheus, Grafana, or Splunk for infrastructure security and health monitoring.
Strong understanding of threat detection, incident response, and security automation techniques for infrastructure components.
Proven ability to lead technical teams, drive infrastructure security initiatives, and communicate effectively with stakeholders in both technical and nontechnical environments.
A track record of implementing security solutions in highly scalable, cloud-native environments with a focus on infrastructure resilience.
Preferred Qualifications:
Experience with additional cloud security tools such as AWS Security Hub, Google Security Command Center, or Prisma Cloud for infrastructure protection.
Knowledge of container security solutions (e.g., Falco, Aqua Security, Twistlock) and Kubernetes security best practices.
Familiarity with network security principles, including firewalling, VPNs, and VPC security best practices.
Experience with compliance frameworks such as SOC 2, ISO 27001, or NIST CSF.
Security certifications such as CISSP, CKS, AWS Certified Security - Specialty, or GIAC Cloud Security Certifications.
