Lead Cloud Security Architect

At Treasure Data, we’re on a mission to radically simplify how companies use data to create connected customer experiences. Our sophisticated cloud-based customer data platform drives operational efficiency across the enterprise to deliver powerful business outcomes in a way that’s safe, flexible, and secure. With Treasure Data Customer Data Cloud, companies can overcome the data disconnect to responsibly collect and understand massive amounts of data, transform their businesses, and create new, targeted experiences across the entire buying journey. We’re proud to be InfoWorld’s 2022 “Technology of the Year” Award winner and trusted by leading companies around the world, spanning the Fortune 500 and Global 2000 enterprises.

The Opportunity:

Drive Treasure Data’s Secure Software Development Lifecycle with a focus on infrastructure and cloud security.

• Help proactively assess security risks through infrastructure deep dives, threat modeling, requirements, design, architecture, and implementation reviews.
• Partner with R&D, GTM, peers, and security champions on all things cloud security.
• Engage with customers to understand their security needs, and help them understand what security controls exist in our systems or could exist in the future.
• Review architecture, vulnerabilities, deployments, misconfigurations, tool findings, etc. for ISO/SOC 2/ HIPAA cloud environments.
• Understand, research, and internalize external cloud vulnerabilities, misconfigurations, and security trends.
• Identify opportunities for security tooling and automation with the goal of translating the security standards into policy as code.
• Ideate, prototype, and experiment with tools with the goal of scaling Treasure Data’s cloud-first architecture.
• Help improve security tooling, processes, and how R&D teams approach deployment in their day-to-day work.
• Be a security advocate and subject matter expert within the organization and be able to effectively communicate security risks and concepts to both technical and non-technical audiences internally and externally.
• Collaborate closely with the ITS peers, Legal, GTM, and R&D teams to create a committed roadmap for security fixes and enhancements.
• Roll up your sleeves in urgent or reactive situations.
• Identify current and desired states that will drive the security roadmap of the platform.

Details on Our Environment

• 100% Cloud-native, primarily on Amazon Web Services (AWS).
• We oversee an ever-growing multi-account AWS structure.
• 99% of our servers are Linux.
• 99% of our workstations are MacOS.
• 95% of our systems are short-lived and stateless.
• We work at scale. Petabytes and millions of events per second are everyday occurrences.
• Dream Big! We believe in autonomy, mastery, and purpose.

About You:

• A minimum of 8 to 10 years of experience in infrastructure security, experience in DevOps, or as an architect in large-scale, distributed software projects with public cloud service providers.
• Have sound security concepts with proficiency in public cloud security, networking, host security, and the shared responsibility model.
• Hands-on technical expertise in Security Architecture, automation, integration, and deployment (Secure DevOps).
• Experience in threat modeling and security code reviews with an eye to identifying security flaws.
• Experience triaging, identifying, and prioritizing security risks with a clear understanding of their impact on an organization.
• Working knowledge of common and industry-standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc).
• Experience with CI/CD pipelines and supply chain security.
• Experience with enterprise architecture and working as part of a cross-functional team to implement solutions.
• Strong interpersonal and communication skills; ability to work in a team environment.
• Ability to work independently with minimal direction; self-starter/self-motivated.
• Ability to lead client meetings and internal cross-team projects.
• Strong experience with project management software tools, methodologies, and best practices.
• Experience working directly with customers, partners, or third-party vendors and developers.
• Familiarity with compliance & security standards across the enterprise Security landscape is desired.
• Experience seeing projects through the full life cycle.
• Technical writing experience.
• BS-level technical degree
• CISSP and alike preferred but not required
• PLUS – Business Japanese