Security Engineer - Product & Production Infrastructure
Job Description
Come join the organization that is redefining security for the AI era. As one of the fastest-growing startups ever, we enable teams to secure cloud and AI applications by connecting code, cloud, and runtime into a single shared context. Trusted by security teams all over the world, we have a proven track record of success and a culture that values world-class talent. Not to mention, we're now powered by Google, meaning we offer our customers an AI-powered platform that harnesses Google’s Threat Intelligence and Security Operations to better detect, prevent, and respond to threats across all environments, allowing for further innovation.
Our Wizards from all over the globe work together to protect the infrastructure of our customers, including over 50% of the Fortune 100, who trust us to scan and secure over 230 billion files daily. We’re honored to be a leading player in a massive and growing market, and we continue to look for exceptional Wizards who are eager to make a significant impact on our team. At Wiz, you’ll have the freedom to think creatively, dream big, and use your full range of skills to contribute to our momentous growth. Come join our team and help us create secure cloud environments that allow even the best companies to move faster, all while having some fun!
SUMMARY
Wiz is looking for a Security Engineer for Product & Production Infrastructure who has experience performing security reviews, vulnerability management, and detection and response operations in cloud-native environments. You’ll get to collaborate with our software development and DevOps teams to secure Wiz’s products, CI/CD infrastructure, and production infrastructure. You’ll also have the opportunity to influence our product roadmap by utilizing Wiz-for-Wiz to assess, monitor, and harden our environments.
WHAT YOU’LL DO
- Lead threat modeling and security reviews across Wiz's products and cloud infrastructure, identifying attack surfaces and developing scalable mitigation strategies
- Build automation, policy-as-code, and security tooling that enables development teams to "shift left" and integrate end-to-end security into their workflows
- Design and implement secure baselines for cloud resources and Kubernetes based infrastructure
- Drive vulnerability management and remediation efforts – prioritizing issues, implementing mitigations, and designing strategic preventative controls in software supply chains from development through production
- Extend our detection and response capabilities – building scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents
- Build deep functional partnerships with Wiz's engineering and operations teams – helping them deliver secure-by-design solutions
WHAT YOU’LL BRING
- 7+ years of experience in security engineering or security operations work in cloud environments, with a focus on the below:
- Strong AWS cloud security experience (we will also consider equivalent experience in Azure and GCP with some level of AWS experience)
- Cloud native Kubernetes services (EKS/GKE/AKS) and strong container security principles
- Deep understanding of securing IAM and cloud identities at scale
- Proven ability to lead technical security reviews of products and architectures, conduct threat modeling exercises, and translate findings into actionable security controls
- Practical understanding of web application security concepts (such as OWASP Top-10 and similar)
- Hands-on experience with IAC and related tools (Terraform, CloudFormation, Helm, Pulumi)
- Experience with automation and tooling development in one or more: Python, Go, Shell, HCL, Rego
PREFERRED QUALIFICATIONS
- Bachelor's degree in computer science or a related field and / or candidates with equivalent job experience in lieu of a degree
- Experience working with remote, globally distributed teams
- Experience working in organizations that develop software and/or operate managed infrastructure and technology services for their own customers
- Experience with CNAPP, CSPM, or CIEM solutions
Applicants must have the legal right to work in the country where the position is based, without the need for visa sponsorship. This role does not offer visa sponsorship.
Wiz is an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics.
By submitting your application, you acknowledge that Wiz will process your personal data in accordance with Wiz's Privacy Policy.