Job Description

The Team

This is a Systems Engineering role in the Container Security Squad (part of the Application, Infrastructure and Endpoint Product Area) within the Enterprise Cybersecurity business unit.

In the container squad, we focus on reducing security risks associated with containers and the container ecosystems, looking for the best ways to minimize internal team friction by discovering and mitigating vulnerabilities at scale and in a timely manner. We work with teammates and development squads across the businesses to ensure container security.

The Expertise You Have

Bachelor’s Degree in Computer Science, Computer Engineering, Cybersecurity, or relevant field of study

We are seeking at least 6 years overall experience in technology and/or development, where a minimum of 2 years were security focused, at least 2 years working with Docker containers, 2 years hands-on deploying/operating production applications in public cloud (e.g., AWS or Azure), and a minimum of 2 years using/running Linux operating systems.

It would be advantageous for you to have certifications in AWS (Associate level minimum), and Azure, as well as have working experience with multi-cloud environments, Kubernetes, Database/SQL, Cloud Workload Protection Platform tools (e.g., Qualys), Cloud Security Posture Management tools (CSPM - e.g., Divvy Cloud, Wiz), and/or working experience using/managing Cloud Native Application Protection Platforms (CNAPP - e.g., Wiz, Prisma Cloud, Aqua).

The Skills You Bring

You have hands-on experience building, deploying, and running the lifecycle of Docker Containers, as well have a solid understanding of Container internals and Container platform security strategies/tools, including being able to identify and mitigate security risks in containers/container environments.

You should have effective automation skills such as scripting (bash, Python, etc.), and experience using/running Continuous Integration / Continuous Delivery (CI/CD) systems (e.g. Jenkins, etc.)

Understanding of software development CI/CD pipelines and experience with Application Lifecycle Management tools

Proven understanding of AWS basics + EKS and Azure basics + AKS; Understanding of Google Cloud considered a bonus.

Knowledge of application security practices, including Pen Testing, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Web Application Firewalls (WAF).

Ability to communicate effectively with staff at all levels of the company to positively influence Business Unit and technology decision makers

You have analytical and critical thinking skills and an ability to tackle issues by making timely decisions based on facts, knowledge, experience, and judgment

You are motivated, and can take initiative to solve problems independently, or in collaboration with peers/partners.

You are hardworking, proactive and adaptive and can work in a dynamic, diverse and geographically distributed team!

You have a passion for continual learning and for helping colleagues!

The Value You Deliver

Reducing container security risks through automated detection, monitoring, and notification at an enterprise-scale

Assisting BU application development teams in adopting container security methodologies and in remediating container security issues

Developing and supporting improvements to container security in both private and public cloud

Driving container security compliance by assisting in reporting and governance

Certifications:
Category:

Information Technology

Fidelity’s hybrid working model blends the best of both onsite and offsite work experiences. Working onsite is important for our business strategy and our culture. We also value the benefits that working offsite offers associates. Most hybrid roles require associates to work onsite every other week (all business days, M-F) in a Fidelity office.