Jobs · Information Technology · Massachusetts

Sr. Cloud & Mobile Security Engineer

iRobot · Bedford, MA · 2 days ago
Information Technology$107k–$153k/yrFull-time

What You Will Do

  • Assess new cloud designs and mobile app feature changes for potential security vulnerabilities.
  • Evaluate production and test builds of cloud services and mobile applications for adherence to security best practices.
  • Develop guidelines for security of products based on industry standards.
  • Triage reported vulnerabilities from the field across a spectrum of sources and determine impact, priority, and risk.
  • Design and build secure cloud services that centralize critical security functionality.
  • Implement test frameworks for automated security validation testing of cloud and mobile deployments.
  • Work with the latest SAST/DAST tooling, AI-powered and traditional, to evaluate and report on flaws and vulnerabilities to the development teams.
  • Ensure the components meet the regulatory needs of every market within which iRobot products are sold.
  • Engage third-party and AI services for penetration testing, red team exercises, threat modeling, and more.

To Be Successful

  • 7+ years designing, building, and deploying AWS-based managed service infrastructure, with at least 2 years as a security champion within a development team.
  • Extensive knowledge and practical experience designing, building and deploying secure serverless, API-based services with a deep understanding of the standard callflow of managed service architecture: Gateway to Work Process to Storage to Access.
  • Deep knowledge of authentication protocols and technologies, including IAM, SSO, OAuth 2.0, and RBAC.
  • Experience building mobile apps for iOS and Android, with a deep understanding of the security best practices of each.
  • Strong understanding of, and alignment with, OWASP standards and best practices, including the OWASP Top Ten lists.
  • Strong understanding of AWS policy hierarchy, and practical knowledge of Organizations, SCPs, IAM, et al.
  • Python and Node/JavaScript proficiency.
  • Practical experience constructing architecture risk assessments and leveraging standard security tooling to build empirical evidence in support of those assessments.

PREFERRED

  • Experience at a consumer product company.

Qualifications

  • Applicants must be authorized to work for any employer in the U.S.
  • We are unable to sponsor or assume sponsorship of any additional employment visas at this time.

Similar jobs

Cloud Security Engineer, Sr

Old National BankEvansville, IN· 3 wk ago
Information Technology$70/hrapply on careers-oldnational.icims.com