Cloud Security Manager

The Opportunity

We're looking for a Cloud Security Manager to help enhance our development processes and build cutting edge security tools to improve and scale Adobe's cloud infrastructure and ensure our security posture.

The role will provide the opportunity to work on a diverse set of projects and will also include development of prototypes and proof-of-concepts. You'll be working to build and assess tools to cover the newest features from the major cloud service providers.

• Secure our cloud environments in software, process, and infrastructure through building security tools.

• Develop strategy to resolve security issues through custom-built tooling

• Assist security engineers with software development best practices

• Lead efforts to analyze and harden Cloud Security Architecture. Conduct thorough reviews of each cloud environment, including architectures across AWS, Azure, and GCP, focusing on identity and access management (IAM), implementations, network segmentation, data protection controls, and the secure configuration of core services to prevent common and advanced attack vectors.

• Take the lead in improving cloud-native threat detection.

• Minimize harmful actions by using native cloud security tools and relevant frameworks.

• Assess modern cloud workloads. Perform deep-dive security assessments of critical cloud workloads, including Kubernetes clusters (EKS, AKS, GKE), CI/CD pipelines, and serverless applications.

• Collaborate with teams across the organization to build complex software that interact with multiple systems, processes, and standards

• Help improve the availability, performance, scalability, and security of Adobe's security tools.

• Transition Adobe's security tooling into an infrastructure-as-code model to scale our cloud security

• Develop custom cloud security automation. Build custom tools and scripts to automate the continuous discovery of cloud misconfigurations and security gaps.

• Improve our development workflow by assisting in establishing standards and implementing automation

• Improve our development pipelines so that we can achieve faster and more reliable deploys

• Focus on DevSecOps tooling and strategy

• Secure our cloud environments in software, process, and infrastructure through building security tools.

• Improve our tools and processes for continuous integration, continuous deployment, automated testing, and release management.

• Solid understanding of both software development and security best practices

• Experience leading software development projects

• Experience with cloud service providers: Microsoft Azure, Amazon AWS, or Google GCP

• Good understanding of DevSecOps practices

• Experience building infrastructure with CloudFormation and/or Terraform, as well as experience with scripting languages (e.g. Python, Ruby, Rust, Go)

• Knowledge of orchestration tools, (e.g. SaltStack, Ansible, Chef, Puppet) and CI/CD infrastructure (e.g. Jenkins)

• Serve as a hands-on technical contributor to our evolving architecture

• Understanding of SDLC and how to automate components of SDLC

• Knowledge of security infrastructure tools and components; network security; operating system fundamentals; etc.

• Experience writing user documentation

• Deep understanding technical operations

• Prior experience working in an agile/agile-like development workflow

• Success implementing projects that required working with teams across the organization

• Dependability: Meets commitments, works independently, accepts accountability, handles change, sets personal standards, stays focused under pressure

• Effective communication skills.

• Align with Adobe's values: Genuine, Exceptional, Innovative, and Involved.