StubHub
Senior Security Software Engineer - Cloud & Infra Security
StubHub, Aliso Viejo, California, United States, 92656
Join to apply for the
Senior Security Software Engineer - Cloud & Infra Security
role at
StubHub StubHub is on a mission to redefine the live event experience on a global scale. We aim to help fans and sellers alike by providing a safe, convenient way to buy and sell tickets to events around the world. About The Team StubHub Cloud & Infrastructure Security Engineering is seeking a senior engineer to enhance our security posture within the cloud and infrastructure domains. The ideal candidate will have extensive experience in cloud security architecture, network security, and infrastructure automation, with familiarity in container and operating system security. Location : Hybrid (3 days in office/2 days remote) – New York, NY or Santa Monica, CA or Aliso Viejo, CA What You'll Do Develop secure Cloud Account Architectures, focusing primarily on AWS, while understanding the trade-offs of various cloud architectures. Design and implement network security strategies using security groups, NACLS, routing domains, and multi-tiered subnet architectures for defense-in-depth. Manage security logging and monitoring infrastructure for cloud-native and third-party data sources, ensuring shipping to Data Lakes and integration with visualization platforms. Operate and manage Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platforms (CWPP) such as Wiz, Orca, Prisma, and Rapid7 ICS. Deploy configurations and infrastructure using Infrastructure as Code (IaC) frameworks, such as Terraform, CloudFormation, and Pulumi. Develop and implement governance strategies for infrastructure deployment that integrate security best practices and enhance developer productivity. Architect and implement workload identity services, such as SPIRE (Spiffe), in a heterogeneous multi-cloud environment. Architect and maintain PKI and secrets management platforms to ensure secure storage and access to sensitive information. Write and maintain production-quality APIs to automate security processes, benefiting infrastructure and developer workflows. What Youve Done Expert level experience in AWS cloud account architecture. Expert level knowledge in Network Security, including AWS networking primitives: Security Groups, NACLS, Subnetting, Routing, and egress traffic filtering. Expert level proficiency in Identity & Access Management (IAM) Security, including architecting AWS IAM roles & policy architectures for human and machine access. Expert level communication skills and ability to work effectively across teams. Expert level experience deploying and maintaining configurations and infrastructure using Terraform. Expert level experience with modern CSPM and CWPP tools (Wiz, Orca, Prisma, Rapid7). Intermediate level experience with Secrets / key Management Platforms (e.g., AWS KMS, AWS Secrets Manager, Hashicorp Vault). Expert level experience in building and implementing IaC governance strategies that balance security and developer productivity. Intermediate level experience in architecting & managing Spire (Spiffe) and Service Mesh services. Intermediate level proficiency in Python or Go, and Bash scripting. Intermediate level experience in container & operating system hardening. Intermediate level experience in building & maintaining Web Application Firewalls. Intermediate level familiarity with security frameworks (PCI DSS, CIS, ISO 27001, NIST CSF). Preferred Skills And Qualifications Intermediate level experience in architecting & implementing internal PKI & Secrets Management services. Intermediate level knowledge of Kubernetes (K8s) Security foundations, including admission controllers, K8s Network Policies, K8s RBAC, and K8s Ingress architectures. Intermediate level proficiency in DDoS mitigation techniques using AWS Shield, CDN traffic scrubbing, and origin protection mechanisms. Intermediate level proficiency in Azure. What We Offer Accelerated Growth Environment: An environment designed for swift skill and knowledge enhancement, with the autonomy to lead experiments at scale. Top Tier Compensation Package: Competitive base, equity, and upside aligned with impact. Flexible Time Off: Unlimited Flex Time Off to support work-life balance. Comprehensive Benefits Package: 401k, and premium Health, Vision, and Dental Insurance options. The anticipated gross base pay range is below. Actual compensation will vary based on qualifications, skills, experience, and competencies. Base annual salary is one component of StubHub’s total compensation and benefits package. Salary Range $200,000—$275,000 USD About Us StubHub is the world’s leading marketplace to buy and sell tickets to live events. We operate in 195 countries in 33 languages and 49 currencies. We offer a safe, convenient way to buy or sell tickets and invite you to join our team for a front-row seat to the action. For California Residents: California Job Applicant Privacy Notice found here We are an equal opportunity employer and value diversity on our team. We do not discriminate on the basis of race, color, religion, sex, national origin, gender, sexual orientation, age, disability, veteran status, or any other legally protected status. We’ve included additional postings and location data in this listing to provide context about the role ecosystem, but they are not part of the current opening.
#J-18808-Ljbffr
Senior Security Software Engineer - Cloud & Infra Security
role at
StubHub StubHub is on a mission to redefine the live event experience on a global scale. We aim to help fans and sellers alike by providing a safe, convenient way to buy and sell tickets to events around the world. About The Team StubHub Cloud & Infrastructure Security Engineering is seeking a senior engineer to enhance our security posture within the cloud and infrastructure domains. The ideal candidate will have extensive experience in cloud security architecture, network security, and infrastructure automation, with familiarity in container and operating system security. Location : Hybrid (3 days in office/2 days remote) – New York, NY or Santa Monica, CA or Aliso Viejo, CA What You'll Do Develop secure Cloud Account Architectures, focusing primarily on AWS, while understanding the trade-offs of various cloud architectures. Design and implement network security strategies using security groups, NACLS, routing domains, and multi-tiered subnet architectures for defense-in-depth. Manage security logging and monitoring infrastructure for cloud-native and third-party data sources, ensuring shipping to Data Lakes and integration with visualization platforms. Operate and manage Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platforms (CWPP) such as Wiz, Orca, Prisma, and Rapid7 ICS. Deploy configurations and infrastructure using Infrastructure as Code (IaC) frameworks, such as Terraform, CloudFormation, and Pulumi. Develop and implement governance strategies for infrastructure deployment that integrate security best practices and enhance developer productivity. Architect and implement workload identity services, such as SPIRE (Spiffe), in a heterogeneous multi-cloud environment. Architect and maintain PKI and secrets management platforms to ensure secure storage and access to sensitive information. Write and maintain production-quality APIs to automate security processes, benefiting infrastructure and developer workflows. What Youve Done Expert level experience in AWS cloud account architecture. Expert level knowledge in Network Security, including AWS networking primitives: Security Groups, NACLS, Subnetting, Routing, and egress traffic filtering. Expert level proficiency in Identity & Access Management (IAM) Security, including architecting AWS IAM roles & policy architectures for human and machine access. Expert level communication skills and ability to work effectively across teams. Expert level experience deploying and maintaining configurations and infrastructure using Terraform. Expert level experience with modern CSPM and CWPP tools (Wiz, Orca, Prisma, Rapid7). Intermediate level experience with Secrets / key Management Platforms (e.g., AWS KMS, AWS Secrets Manager, Hashicorp Vault). Expert level experience in building and implementing IaC governance strategies that balance security and developer productivity. Intermediate level experience in architecting & managing Spire (Spiffe) and Service Mesh services. Intermediate level proficiency in Python or Go, and Bash scripting. Intermediate level experience in container & operating system hardening. Intermediate level experience in building & maintaining Web Application Firewalls. Intermediate level familiarity with security frameworks (PCI DSS, CIS, ISO 27001, NIST CSF). Preferred Skills And Qualifications Intermediate level experience in architecting & implementing internal PKI & Secrets Management services. Intermediate level knowledge of Kubernetes (K8s) Security foundations, including admission controllers, K8s Network Policies, K8s RBAC, and K8s Ingress architectures. Intermediate level proficiency in DDoS mitigation techniques using AWS Shield, CDN traffic scrubbing, and origin protection mechanisms. Intermediate level proficiency in Azure. What We Offer Accelerated Growth Environment: An environment designed for swift skill and knowledge enhancement, with the autonomy to lead experiments at scale. Top Tier Compensation Package: Competitive base, equity, and upside aligned with impact. Flexible Time Off: Unlimited Flex Time Off to support work-life balance. Comprehensive Benefits Package: 401k, and premium Health, Vision, and Dental Insurance options. The anticipated gross base pay range is below. Actual compensation will vary based on qualifications, skills, experience, and competencies. Base annual salary is one component of StubHub’s total compensation and benefits package. Salary Range $200,000—$275,000 USD About Us StubHub is the world’s leading marketplace to buy and sell tickets to live events. We operate in 195 countries in 33 languages and 49 currencies. We offer a safe, convenient way to buy or sell tickets and invite you to join our team for a front-row seat to the action. For California Residents: California Job Applicant Privacy Notice found here We are an equal opportunity employer and value diversity on our team. We do not discriminate on the basis of race, color, religion, sex, national origin, gender, sexual orientation, age, disability, veteran status, or any other legally protected status. We’ve included additional postings and location data in this listing to provide context about the role ecosystem, but they are not part of the current opening.
#J-18808-Ljbffr