Overview
Principal Security Engineer – Cloud Jobs in Austin, Texas, USA at CDK Global
Title: Principal Security Engineer – Cloud
Company: CDK Global
Location: Austin, Texas, USA
Type: Full Time
Category: IT/Tech, Security
About Us:
CDK Global is a leading provider of cloud-based software to dealerships and Original Equipment Manufacturers (“OEMs”) across automotive and related industries. The Company’s cloud-based, software as a service (“SaaS”) platform enables dealerships to manage their end-to-end business operations including the acquisition, sale, financing, insuring, repair, and maintenance of vehicles. By automating and streamlining critical workflows, the integrated platform of
modern
solutions enables dealers to sell and service more vehicles by creating simple and convenient experiences for customers and improves their financial and operational performance.
Position Summary:
As a Principal Platform Security Engineer, you will play a pivotal role in shaping and securing our cloud infrastructure. You will be responsible for designing, implementing, and maintaining robust security solutions in multiple cloud environments. This role requires a deep understanding of security principles, cloud technologies, and Infrastructure as Code (IaC) practices.
Position Responsibilities:
Exemplify security principles and culture Develop and implement the long-term cloud security strategy Effectively partner across security, technology, and business teams Provide technical
leadership
and expertise to cloud security efforts Develop effective network security metrics and use them to drive improvements Develop and continuously improve cloud security standards and guidelines in alignment with risk and compliance requirements Measure and report on CDK’s compliance with cloud security standards Drive adoption of cloud security standards through close partnership with technology teams,
collaborative
roadmap alignment, and
transparent
reporting Develop and continuously improve security architecture for our public cloud environments (AWS, Azure, other).
Design and implement security controls, including network security, identity and access management, data protection, and threat detection. In
collaboration
with GRC and technology teams, align security architecture and standards to key risks, compliance requirements, and business needs. Infrastructure as Code (IaC) Deep knowledge of IaC tools like Terraform, Cloud Formation, Azure Resource Manager and Deployment Manager. Collaborate with development and cloud governance teams to develop and maintain secure IaC templates and standards.
Review IaC templates for security best practices and compliance. Implement security controls and best practices within IaC templates. Security Tooling and Automation Develop custom scripts and implement security tools to automate security tasks and processes. Integrate security tools with CI/CD pipelines to ensure security is built into the development process. In
collaboration
with Security Operations, conduct regular cloud security assessments and penetration tests Operationalize remediation of discovered vulnerabilities in cloud security posture Enable Security Operations team to monitor security logs and alerts to identify and respond to security threats in the cloud.
Collaborate with Security Operations team on developing and automating alert response processes and playbooks Serve as an escalation point for cloud security incident investigations and response activities. Position
Qualifications:
Strong understanding of cloud security principles, including network …
