Job details

Principal Cloud Security Engineer/ Architect - San Mateo, CA

  • Department: Product Development
  • Location: San Mateo, CA, USA
  • Country: USA

Are you passionate about building and securing large scale multi-tenant cloud platforms that can run multiple types of workloads?

Do you have prior experience securing platforms build popular tech stacks like kubernetes to provide SaaS services for our business applications? Are you an expert in container security and network policies? Our workloads that run on the platform range from Java, Scala, NodeJS to Golang. This team owns, builds and closely works with the teams that operates Guidewire cloud platform and SaaS offerings. Guidewire cloud platform is targeted to be best-in-class in enabling our insurance customers with mission critical business capabilities and provide a secure, scalable and highly available system. You will work in a highly collaborative environment building next generation platform and services.  

Required Skills

  • Design and develop security architectures for hybrid and multi-cloud based systems.
  • Excellent programming skills preferably in Java , Scala OR any other OOPS languages.
  • Hands on experience and in-depth knowledge containers, data security, network security, control plane security and governance.  Deep experience with security in cloud environments around GDPR, federated security models and secrets management 
  • Understand practices like FIM, IPSec, SAST, DAST etc.
  • Expertise in crypto primitives, authentication protocols and authorization standards e.g SSL/TLS, SAML, OAuth, JWT, OPA) 
  • Experience working with security systems (e.g. Kerberos, Knox, Sentry) and SIEM 
  • Expertise in Microservice security architecture (AuthN, AuthZ architecture and user/service interaction model) 
  • Prior experience of building and securing large scale distributed systems on AWS
  • Expertise in AWS infrastructure and concepts such as VPC, subnets, security groups, S3, RDS, EC2, Glacier, Lambda, IAM, security, encryption, DevOps, replication and disaster recovery 
  • Eager to learn new things and passionate about technology
  • Expertise working with Kubernetes, AWS, Docker, and Terraform
  • Prior experience handling multiple clusters and effectively managing multiple tenants in these clusters providing good governance and isolation, explain to prospective clients the cloud security model

What you would do

  • Develop technology roadmap, architecture and implement security and compliance for Guidewire Cloud Platform.
  • Architect various security engineering aspects such as GDPR, SOX, PCI etc translate them to engineering implementation.
  • Collaborate with Open Source communities, Engineering and Infosec and provide technical leadership to develop and maintain compliance.
  • Evangelize security best practices across the cloud infrastructure org and Guidewire
  • Create security metrics and work with the teams to achieve the same
  • Work with the Engineers on remediation strategies for security issues
  • Hands-on coding 
  • Own security architecture and provide technical leadership to multiple teams
  • Do test driven unit and end to end testing of any code you develop.
  • Own Continuous Integration (CI) and Continuous Deployment (CD) for your services
  • Own scalability, availability and security for your services
  • Own, troubleshoot & resolve code defects
  • Mentor other developers in best practices

What you would need to succeed

  • Prior deep security experience and passion for building large scale multi-tenant cloud platforms
  • In-depth knowledge and experience in privacy engineering or security engineering
  • Emphasize team wins over individual success
  • Strong technical communication skills
  • Excellent software development skills in one or more of the following languages: Java/Scala
  • System design skills. Ability to design large scale distributed systems
  • Have developed in more than one language and ready to pivot to any language/framework
  • Understand REST API for data interchange. Understand API-driven system designing, mutual TLS and Oauth
  • Understand micro services architecture patterns pattern like Service Discovery/API Gateway/Domain Driven Design etc
  • Understand Serverless function and their relevant use
  • Ability to work in an agile fast paced environment
  • BS or MS degree (Computer Science or Math)
  • Refer to ‘Required Skills’ section more details

Bonus

  • Experience of building SaaS/PaaS on AWS/GCP/Azure.

About Guidewire

Guidewire is the platform P&C insurers trust to engage, innovate, and grow efficiently.

Guidewire combines core, data, digital, analytics, and AI to deliver our platform as a cloud service. 380 insurers, including the largest and most complex in the world, run on Guidewire.

As a partner to our customers, we continually evolve to enable their success. We are proud of our unparalleled implementation track record with 700+ successful projects, supported by the largest R&D team and partner ecosystem in the industry. Our marketplace provides hundreds of add-ons that accelerate integration, localization, and innovation.

Guidewire Software Inc. provides equal employment opportunities to all applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. All offers are contingent upon passing a criminal history and other background checks where it's applicable to the position.

Guidewire Software Inc. provides equal employment opportunities to all applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. All offers are contingent upon passing a criminal history and other background checks where it's applicable to the position.