Sysco LABS is the innovation arm of Sysco Corporation (NYSE:SYY), the world’s largest foodservice company. Sysco is the global leader in marketing, selling and distributing food products as well as equipment and supplies to the hospitality industry. Sysco serves over 500,000 customer locations through its team of over 65,000 associates and operates 300 distribution facilities across the globe.
Sysco is re-imagining the global foodservice industry: our Sysco LABS engineering teams based out of Colombo, Sri Lanka, Redwood City, CA and Austin and Houston TX, will help to drive innovation across the entire supply chain – sourcing of food products, merchandising, storage and warehouse operations, order placement and pricing algorithms, delivery of food and supplies to Sysco’s global network – culminating in the in-restaurant dining experience for the end-customer. Operating with the agility and efficiency of a tech–startup and backed by the domain expertise of the industry leader, Sysco and the Sysco LABS team is poised to revolutionize one of the biggest industries in the world.
We are currently on the lookout for a Senior Information Security Engineer – Cloud Services to join our team.
What you will be responsible for:
- Ensure the security of all Sysco LABS’ cloud infrastructure, data, applications, configurations and intellectual property (such as code and documentation) against all types of cyber threats.
- Lead the development, documentation and adoption of effective company-wide policies to achieve the above.
- Work closely with Product, Engineering, Quality and other teams and provide technical expertise to ensure security from the design stage all the way to deployment, with a focus on DevSecOps.
- Routinely audit AWS infrastructure, policies, accounts and provide audit reports to senior management on identified risks and recommendations.
- Conduct application security tests (DAST/Manual) for applications releases while providing mitigation recommendations to the DevOps teams.
- Respond to and, when appropriate, resolve or escalate security incidents, threats and vulnerabilities
- Assist and train corporate personnel in the use of cloud security best practices and the resolution of security issues.
- Perform all regular cloud infrastructure management duties, in addition to security responsibilities
- Automation and scripting via PowerShell, Python, Perl, Bash or Chef.
What you need to have to apply for this position:
- 4+ years of proven DevOps experience with implementing and automating Cloud DevSecOps including extensive experience in cloud-based DDoS protection services such as AWS Advanced Shield in a production environment.
- Solid understanding of Amazon Web Services (AWS) including VPC, ELB, EC2, KMS, IAM, Config, Cloud Watch, CloudTrail, CloudFormation, Lambda, and others.
- Knowledge of network based, system level and application layer attacks and mitigation methods.
- Experience with the development, deployment, and automation of security solutions in an enterprise cloud-based environment and maintaining security in CI/CD processes.
- Strong knowledge of technology and security topics including network and application security, infrastructure hardening, security baselines, web server, and database security.
- Hands-on knowledge on DevOps methodologies and tools like SVN/GIT, Jenkins, JIRA, confluence and various monitoring/alerting tools.
- AWS certification along with other security certifications such as CISSP, SSCP, SAST, DLP, IDS/IPS is an added advantage.
- Excellent technical troubleshooting skills on Linux.
- Ability to utilize scripting languages such as Python, Bash and Perl and automation tools such as Chef and Ansible.
- Good interpersonal skills, including the ability to work successfully in an Agile, DevOps team environment
- Strong oral, written, and presentation abilities – able to convey risk to all levels of the business, from executives to operations and development teams.
Why you should join Sysco LABS:
- An attractive base compensation and benefits package which is comfortably above market rates.
- The opportunity to work with high caliber individuals across the organization.
- Technical training and soft skills development programs.
- Fast career growth, recognition and senior leadership opportunities for good performers.