Software Engineering, Sr Manager

Job Description and Requirements

About the Synopsys Software Integrity Group (SIG)

Synopsys Software Integrity Group helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Synopsys, a recognized leader in application security, provides static analysis, software composition analysis, and dynamic analysis solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open-source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Synopsys helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle. For more information, go to www.synopsys.com/software

Senior Cloud Security Architect

Job Summary

As a Cloud Security Architect/Engineer, you will be a key member of the SIG Cloud Operations team. Through technical leadership and hands-on efforts, you will serve as a security subject matter expert (SME) for the secure design, deployment, and running of all workloads within SIG Cloud Services. You will work with various stakeholders throughout the entire lifecycle of internally and externally facing workloads on the cloud, including customer-facing SIG SaaS Cloud Services. You will provide guidance during the design process and SDLC of security best practices and requirements. You will monitor all workloads for adherence to requirements and work with stakeholders to remediate all deviations. You will monitor all workloads for anomalous, malicious, or unauthorized activities, triage alerts, and respond/remediate as needed.

Core Responsibilities:

• Serves as the subject matter expert (SME) for Cloud Security. Develop standards, policies, procedures, and best practices documentation.

• Participate in efforts to tailor the company's security policies and standards for use in cloud environments.

• Build, monitor, and proactively manage the security of our SaaS services running on AWS, GCP, and other cloud environments.

• Translate security and technical requirements into business requirements and communicate security risks to audiences ranging from business leaders to engineers.

• Propose and/or design technical solutions, including creating prototypes and proofs of concept while maintaining a security mindset.

• Automate security controls, data, and processes to provide better metrics and operational support. Utilize cloud-based APIs when appropriate to write network/system-level tools for securing cloud environments.

• Identify processes/procedures for handling a cloud security event, including forensic isolation and mitigation with Incident Response teams.

• Identify new security threats by conducting continual monitoring, penetration testing, vulnerability assessments, and log analysis.

• Train other team members on cybersecurity concepts and lead periodic Cloud security control testing, such as network penetration tests, phishing simulations, and social engineering simulations, and use the test results to suggest enhancements and remediations to business processes, employee training, etc.

• Participate in on-call rotation.

Key Requirements:

• Minimum of 10+ years of experience in an operational role with 5+ years of experience focused primarily on cloud security and/or security engineering.

• Deep technical knowledge of public cloud service providers, including AWS, GCP, and Azure, and the threats to workloads within those environments.

• Experience with cloud-native security solutions, including Cloud Security Posture Management and Cloud Workload Protection (Prisma Cloud, Aqua Security, Laceworks, etc.).

• Experience with supporting and securing the following (Linux systems, Container-based workloads, Kubernetes, Web-based applications, Microservice applications, and SAML, OIDC, and Federated IdP)

• Experience working in a revenue-generating, customer-facing SaaS hosting environment.

• Experience triaging events generated by security tooling and responding as needed.

• Experience with incident response and forensics within a public cloud service provider and associated workloads.

• Experience writing scripts and/or basic programs to automate tasks and collect/analyze data using Python, Bash, etc.

Nice to have:

• Familiarity with industry-standard security controls and regulatory/compliance requirements (CIS Benchmarks, NIST SP 800-53/171, SOC 2, ISO 27001/27017, FedRAMP, etc.) and their application to all resources within a cloud deployment

• Familiarity with security practices including:

• Penetration testing / Threat hunting

• Threat modeling / SIEM and SOAR

• Familiarity with using and integrating common PaaS/SaaS service providers such as Atlassian, GitHub, Salesforce, O365, etc.

• Familiarity with DevSecOps and GitOps practices

• Familiarity with designing, drafting, and revising standards, specifications, and procedures.

• Mentor less experienced security team members and wider organization personnel.

• Ability to communicate security-related information at technical and managerial levels.

• Demonstrated ability to take initiative and be accountable for achieving results.

• Relevant security certifications (e.g., ISC2, GIAC, OffSec, etc.).

Education & Work Experience:

• BS in Computer Sciences or any related technical field or equivalent work experience.

Inclusion and Diversity are important to us. Synopsys considers all applicants for employment without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, military veteran status, or disability.

The base salary range across the U.S. for this role is between $199,000-$299,000. In addition, this role may be eligible for an annual bonus, equity, and other discretionary bonuses. Synopsys offers comprehensive health, wellness, and financial benefits as part of a of a competitive total rewards package. The actual compensation offered will be based on a number of job-related factors, including location, skills, experience, and education. Your recruiter can share more specific details on the total rewards package upon request.

#LI-AS