Why will you enjoy this new opportunity?
Do you have an analytical mind, strong attention to detail, a passion for Information Security, and you love learning how cloud services operate? Is the possibility of specializing in cloud automation, orchestration, and integration exciting? Is a hybrid role that involves extensive knowledge of software design, process and workflows, and data center and cloud infrastructure the right match for your career goals?
You know that technologies come and go, but that excites you because of the endless possibilities it creates. You’re looking for an opportunity to work for a company who is making the transition to provide more of our products as cloud service offerings. You want to understand how VMware delivers products & services to our customers in the cloud now. You want to be a part of a collaborative environment whose teams care about the success of VMware and how they are delivering a secure cloud service to our customers.
What is primary need, technical challenge, and/or problem you will be responsible for?
We need someone who can apply their operational and technology experience in the creation of a security health platform. You will create automation to query data elements from multiple sources, link them relationally, allowing teams to build reports showing security readiness status for all layers of the stack including IaaS, PaaS, SaaS, VMware on VMware, OS, running application, etc.
Learning the security landscape of VMware SaaS, you will need to be a Security advocate managing various work streams and meetings including VMware SaaS R&D teams and Security teams. You will work with all teams to drive continuous improvement (automating repeatable tasks, adjusting workflows, create reporting dashboards) in how we deliver our services to the larger VMware organization.
Success in the Role: What are the performance goals over the first 6-12 months you will work toward completing?
Working with Cloud Security team members, understand critical processes and procedures within 45 days.
Within 90 days’ work independently with cloud security team to gather use-cases and requirements. Identify WHAT data we need to gather, WHO owns that data, WHERE is the data located, HOW will we query the data for all use-cases and requirements. Refine and groom stories for development and begin to create the automation required.
What type of work will you be doing? What assignments, requirements, or skills will you be performing on a regular basis?
Learn the Cloud Security landscape by interacting with Security Operations, Vulnerability Management, Security Architects, IAM Architects, GRC, Resiliency team members to get work done.
Become a Cloud Security Advocate for VMware by working with various R&D teams to build a security first culture into our products.
Analyze current workflows and process used by Information Security teams to identify cross team overlap, update inefficient workstreams, and increase efficiencies for SaaS security.
Create and maintain reporting dashboards in JIRA, Confluence, Sharepoint, PowerBI, etc showing security readiness of SaaS offerings.
Create Software-as-Code solutions to query configuration data and report if configuration is in-line with accepted standards.
Required Skills and Experience:
- Experience working in a global information security, or information technology (with cloud experience) or information risk management related role.
- 3+ years of coding / development experience (Infrastructure-as-Code ; Software-as-Code). Expertise with python scripting, building/using Terraform, automation of data collection, workflow automation.
- Familiar with architectural concepts of any one of the major public IaaS providers (AWS or Azure preferred).
- Experience with cloud computing service offerings (IaaS, PaaS, SaaS).
- Knowledge of Kubernetes, Docker, Software as a Service, and container technologies.
- Demonstrated experience working with DevOps or SecDevOps tooling (JIRA, Confluence, CI/CD, Git, Jenkins, etc), processes, and culture.
- Must be a self-starter and possess the qualities to work efficiently, effectively, and autonomously with general supervision.
- Familiar with industry standard cloud security controls (CSA CCM; ISO 27001/27017/27018; NIST 800-53, PCI DSS, ISACA, COBIT, etc.) and frameworks for financial services organization or organizations with similar information security needs and requirements.
- Ability to multi-task, adjust to needs quickly and efficiently and prioritize work with a strong attention to detail.
- Ability to work well under pressure and with tight deadlines while exercising sound judgment.
- Ability to communicate at all levels of an organization and across diverse cultural and linguistic barriers.
- Ability to quickly adapt as the organization evolves.
- Ability to work during U.S business hour schedule.
- Bachelor’s degree in information systems or a related technical field.
- Security certifications such as CISSP, CCSP, CISM, CRISC.
What is the leadership like for this role? What is the structure and culture of the team like?
This role will report to Mike Wlodarczyk, Sr. Manager, Cloud Security. He has more than 20 years of I.T. experience, 13 years focused on Service Provider virtualization and cloud products, delivering Security focused operational readiness. He has been with VMware for 6 years.
Mike’s leadership philosophy is based on working together to achieve a shared vision. Mike believes that everyone can be an innovative leader by sharing their individual ideas and original thinking to produce creative solutions.
What are the benefits and perks of working at VMware?
You and your loved ones will be supported with a competitive and comprehensive benefits package. Below are some highlights, or you can view the complete benefits package by visiting benefits.vmware.com.
- Employee Stock Purchase Plan
- Medical Coverage, Retirement, and Parental Leave Plans for All Family Types
- Generous Time Off Programs
- 40 hours of paid time to volunteer in your community
- Rethink's Neurodiversity program to support parents raising children with learning or behavior challenges, or developmental disabilities
- Financial contributions to your ongoing development (conference participation, trainings, course work, etc.)
- Healthy and local inspired snacks in all our pantries
VMware is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind: VMware is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at VMware are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV Status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. VMware will not tolerate discrimination or harassment based on any of these characteristics. VMware encourages applicants of all ages. VMware will provide reasonable accommodation to employees who have protected disabilities consistent with local law.