Site Reliability Engineer, Cloud Security

📋 Description

• • Join Miro's dynamic Cloud Security team, a specialized unit that merges deep security expertise with robust cloud engineering capabilities. Embedded within the Cloud Engineering & Operations organization, this team is pivotal in establishing and maintaining Miro's cloud security posture, ensuring best practices are implemented across the board. You will be instrumental in operating and enhancing a suite of critical security functions, including Cloud Identity, Web Application Firewall (WAF), Cloud Governance, Secrets Management, and Cloud-Native Application Protection Platforms (CNAPP).
• • As a seasoned Site Reliability Engineer (SRE), you will tackle the intricate challenges of securing a large-scale, rapidly expanding cloud platform. Your primary responsibilities will encompass ensuring the security, unwavering reliability, and seamless scalability of our core security infrastructure and services. This role offers a unique synergy, allowing you to leverage your passion for SRE principles while applying your expertise in cloud security to architect and deploy automated, resilient, and highly secure solutions.
• • You will operate as a hands-on engineer, actively designing, implementing, and refining security controls. These controls are crucial for empowering development teams to innovate and deploy rapidly, all while upholding Miro's commitment to providing a safe and trusted environment for its global user base. Your contributions will be vital in our ongoing transition towards a unified cloud infrastructure platform, ensuring that security considerations are integrated as a fundamental element throughout the entire lifecycle of our cloud infrastructure.
• • Key responsibilities include the end-to-end design, implementation, and ongoing maintenance of scalable security controls and solutions tailored for our AWS/EKS environment. This will be achieved through the extensive use of Infrastructure-as-Code (IaC) principles, ensuring consistency and repeatability.
• • You will be tasked with automating the deployment processes and establishing robust continuous delivery pipelines for our essential security capabilities. This includes critical tools such as WAF, Secrets Management solutions, and Cloud Governance tooling, streamlining their delivery and updates.
• • A core aspect of the role involves ensuring the high availability, reliability, and optimal performance of all critical security services. Minimizing any potential impact on development workflows and production environments will be a key performance indicator.
• • You will serve as a trusted consultant and subject matter expert for various infrastructure teams. Your guidance will empower these teams to enhance their security posture, with a particular emphasis on Kubernetes security best practices and configurations.
• • Active participation in an on-call rotation is expected. This involves responding promptly and effectively to cloud security incidents, working to mitigate risks, and minimizing any potential impact on Miro's services and users.
• • A continuous improvement mindset is essential. You will be responsible for enhancing the observability of our security landscape, enabling proactive identification of misconfigurations, and detecting vulnerabilities at scale before they can be exploited.
• • This role requires a deep dive into the security aspects of Kubernetes, including administration, hardening, and securing its ecosystem. You will be at the forefront of ensuring our containerized environments are secure by design.
• • You will contribute to the strategic direction of cloud security at Miro, helping to shape policies, standards, and architectural decisions that align with business objectives and regulatory requirements.
• • Collaborating with cross-functional teams, including engineering, operations, and product, to integrate security seamlessly into the development lifecycle and product roadmap.
• • Staying abreast of the latest threats, vulnerabilities, and security technologies in the cloud-native space, and applying this knowledge to enhance Miro's security defenses.
• • Developing and maintaining comprehensive documentation for security controls, processes, and incident response procedures.
• • Contributing to the development of security awareness and training programs for engineering teams.
• • Participating in security reviews and audits, both internal and external, to ensure compliance and identify areas for improvement.
• • Driving innovation in security automation and tooling to increase efficiency and effectiveness of the Cloud Security team.
• • You will be a key player in building and scaling Miro's cloud infrastructure securely, ensuring that as the company grows, our security posture scales with it.