Cloud Security Architect

Japan, Remote /
Information Security /
Full Time
Treasure Data began by offering data warehousing and processing services, since then we’ve moved further up the value chain with our Customer Data Platform application (CDP), which is seeing a lot of traction with customers new and old. Moreover, CDP is the fastest-growing offering we have and is front and center in most major initiatives across the company.

The Security and Trust department of Treasure Data is looking for an enthusiastic individual to join the Security Architecture team as Cloud Security Architect. Our team’s mission is to Secure the Product and to do that we need dedicated people, like yourself, who live and breathe information security in a Cloud environment. You will be building and maintaining Cloud-native systems that our customers and employees rely on, taking special care to continuously improve the security posture.

At Treasure Data, we put a great deal of emphasis on collaboration and maintaining an open work environment, regardless of location. We believe employees should not just work but enjoy doing it - appreciating and valuing working alongside your co-workers goes a long way towards that goal, and we truly believe in ensuring that’s always the case.

Details on Our Environment

    • 100% Cloud-native, primarily on Amazon Web Services (AWS).
    • We oversee an ever-growing multi-account AWS structure.
    • 99% of our servers are Linux.
    • 99% of our workstations are MacOS.
    • 95% of our systems are short-lived and stateless.
    • We work at scale. Petabytes and millions of events per second are everyday occurrences.
    • Dream Big! We believe in autonomy, mastery, and purpose.

What You Bring to Treasure Data

    • Drive Treasure Data’s Secure Software Development Lifecycle with a focus on infrastructure and cloud security.
    • Help proactively assess security risks through infrastructure deep dives, threat modeling, requirements, design, architecture, and implementation reviews.
    • Partner with R&D, IT, DevOps, peers, and security champions on all things cloud security.
    • Engage with customers to understand their security needs, and help them understand what security controls exist in our systems or could exist in the future.
    • Review architecture, vulnerabilities, deployments, misconfigurations, tool findings, etc for ISO/SOC 2/ HIPAA cloud environments.
    • Understand, research, and internalize external cloud vulnerabilities, misconfigurations, and security trends.
    • Identify opportunities for security tooling and automation with the goal of translating the security standards into policy as code.
    • Ideate, prototype, and experiment with tools with the goal to scale Treasure Data’s cloud-first architecture.
    • Help improve security tooling, processes, and how R&D teams approach deployment in their day-to-day work.
    • Be a security advocate and subject matter expert within the organization and be able to effectively communicate security risks and concepts to both technical and non-technical audiences internally and externally.
    • Collaborate closely with the Security, Legal, IT, and R&D teams to create a committed roadmap for security fixes and enhancements.
    • Roll up your sleeves in urgent or reactive situations.
    • Identify current and desired states that will drive the security roadmap of the platform.

Qualifications

    • A minimum of 8 to 10 years of experience in infrastructure security, experience in DevOps, or as an architect in large-scale, distributed software projects with public cloud service providers
    • Have sound security concepts with proficiency in public cloud security, networking, host security, and the shared responsibility model.
    • Hands-on technical expertise in Security Architecture, automation, integration, and deployment (Secure DevOps)Experience in threat modeling and security code reviews with an eye to identifying security flaws.
    • Experience triaging, identifying, and prioritizing security risk with a clear understanding of its impact to an organization.
    • Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc)Experience with CI/CD pipelines and supply chain security.
    • Experience with enterprise architecture and working as part of a cross-functional team to implement solutions
    • Strong interpersonal and communication skills; ability to work in a team environment
    • Ability to work independently with minimal direction; self-starter/self-motivatedAbility to lead client meetings and internal cross-team projects
    • Strong experience with project management software tools, methodologies, and best practices
    • Experience working directly with customers, partners, or third party vendors and developers
    • Familiarity with compliance & security standards across the enterprise Security landscape desired
    • Experience seeing projects through the full life cycle
    • Technical writing experience
    • Fluent in Japanese
    • BS level technical degree
    • CISSP and alike preferred but not required
当社は2011年日本人起業家がシリコンバレーで創業したCustomer Data Platform (CDP)提供企業です。顧客が保有する様々なデータを分析し、広告ターゲティングやCRMにおける顧客コミュニケーションの精度向上に貢献しています。400社以上の各産業リーディングカンパニーに導入頂くと共に、国内外で高い評価を得ており「Frost & SullivanグローバルCDPカンパニー・オブ・ザ・イヤー」「2019年ClickZのベストマーケティングテクノロジーCDP」を受賞しております。
この度、当社のSaaSプラットフォームを保護するために、AWSインフラストラクチャとアプリケーションのセキュリティアーキテクチャの設計、開発、実装をリードする「クラウドセキュリティソリューションアーキテクト」を募集します。

【担当業務】・セキュリティロードマップを推進させる戦略策定・クラウドインフラを保護するためのセキュリティソリューションの設計開発・クラウドネイティブアーキテクチャの設計実装・社内外のステークホルダーとの連携・協働・セキュリティサービス導入時の要件定義及び運用


【必須】
・8~10年以上のセキュリティ/エンジニアリングの実装経験・AWSでのソリューションアーキテクトおよび構築の経験
・セキュリティアーキテクチャ、自動化、統合、デプロイメント(セキュアDevOps)に関する実践的な技術的専門知識
・包括的で幅広いセキュリティ技術およびプロセスの評価、開発、実装、最適化、文書化の経験(SaaS企業における安全なソフトウェア開発、データ保護、暗号化、鍵管理、IDおよびアクセス管理(IAM)、ネットワークセキュリティ)
・一般的かつ業界標準のクラウドネイティブ/クラウドフレンドリーな認証メカニズム(OAuth、OpenIDなど)の実務知識
・クラウド型サービスのサービス指向アーキテクチャの経験
・新技術の導入に伴うセキュリティへの影響や要件を評価するための脅威のモデル化およびデザインレビューの実施経験
・技術的な視点を多様な聴衆に伝え、タイムリーかつ慎重な技術的リスクに関する決定を行った経験
・エンタープライズアーキテクチャの経験、および部門横断的なチームの一員としてソリューションの実装に携わった経験
・優れた対人コミュニケーション能力、チームワークを発揮できる能力・最小限の指示で自主的に仕事をする能力、セルフスターター/セルフモチベーションの高い人
・クライアントとの打ち合わせや社内のクロスチームでのプロジェクトをリードする能力
・プロジェクトマネジメントソフトウェアのツール、方法論、ベストプラクティスに精通していること
・顧客、パートナー、またはサードパーティベンダーや開発者と直接仕事をした経験・テクニカルライティングの経験
・日本語が堪能であること
・BSレベルの技術系学位

【歓迎】
・企業におけるコンプライアンスとセキュリティの標準に精通していること。
・企業リスクマネジメントの手法と技法を深く理解し、多国籍環境において成功に導くことができる。
・CISSPと同様であることが望ましいが、必須ではない
・プロジェクトのライフサイクル全般を見渡した経験

Who we are: 
Treasure Data employees are enthusiastic, data-driven and customer-obsessed. Our actions reflect our values of honesty, reliability, openness and humility. Treasure Data moved to remote-based work in March 2020 and is committed to ensuring it remains agile to accommodate shifting preferences of its workforce. While we are not working shoulder-to-shoulder, we still work side-by-side, finding unique ways to connect and create together while also respecting each other’s life priorities outside of work. We offer competitive salary and benefits and named one of the 2021 Best Places to Work. Treasure Data is an equal opportunity employer dedicated to building an inclusive and diverse workforce. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

What we do: 
Treasure Data is the only enterprise Customer Data Platform (CDP) that harmonizes an organization’s data, insights, and engagement technology stacks to drive relevant, real-time customer experiences throughout the entire customer journey. Treasure Data helps brands give millions of customers and prospects the feeling that each is the one and only. With its ability to create true, unified views of each individual, Treasure Data CDP is central for enterprises who want to know who is ready to buy, plus when and how to drive them to convert. Flexible, tech-agnostic and infinitely scalable, Treasure Data provides fast time to value even in the most complex environments.

Agencies and Recruiters: We cannot consider your candidate(s) without a contract in place. Any resumes received without having an active agreement will be considered gratis referrals to us. Thank you for your understanding and cooperation!