Listing Description

At Gradle Inc. our purpose is to bring joy to software builders and value to the business professionals that use it. We are the company behind the Gradle Build Tool, which is one of the top 20 Most Popular Open Source Projects for IT, used by millions of developers, and is downloaded almost 30 million times a month. 

Our commercial product, Gradle Enterprise, is a first-of-its-kind product that software teams use to accelerate and optimize Gradle and Apache Maven™ builds. It comprises several facets including large volume data ingestion and processing, complex data analysis and visualization, and distributed caching and execution systems. 

Our software is used by some of the world's leading software organizations, such as Netflix, Airbnb, Spotify, and Twitter. We regularly collaborate with these and other users to make our products continuously better.

Profile

We are looking for a Cloud Security Engineer to plan, design and implement security infrastructure and tooling across our cloud environment. Our ideal candidate will thrive in a collaborative environment, working with various functional teams to achieve the best solutions for the business. 

Projects are mostly greenfield, giving the candidate the ability to take ownership of their work and implement best in class solutions. The person filling this role will be joining the Security Team, reporting to the Head of Security, and working closely and in collaboration with engineering departments who have responsibility for our cloud infrastructure. 

Responsibilities

• Working with the Head of Security and engineering teams to implement security solutions to protect our cloud infrastructure and CI/CD build platforms. 


• Designing and implementing solutions for key projects such as WAF, IDS/IPS, SIEM, FIM, Vulnerability Management, Hardening and  Anti-Malware


• Reviewing cloud infrastructure for best practices and working with colleagues to implement them


• Documenting, sharing knowledge and training colleagues across other teams, building out Processes and Standard Operating Procedures for effective, reliable operations


• Day to day ownership of infrastructure security tooling


• Securing access to the cloud from remote staff, aligned with the wider Zero Trust architecture of our IT estate. 


• Collaborating with the Infrastructure team to secure our infrastructure deployment 


• Ensuring operational excellence to help us achieve industry certification and our customers trust

Minimum qualifications

• 2-4 years of experience in a similar role - perhaps as part of a team and you are now wanting to step up into a more senior role. 


• Design and implementation experience with common security solutions such as WAF, IDS/IPS, SIEM, FIM, Vulnerability Management, Hardening and  Anti-Malware


• A strong focus on automation for building infrastructure and related tooling


• Experience securing infrastructure in AWS 


• Good understanding of Information Security as a practice


• A broad familiarity with technologies such as;




• Open-source security solutions such as Wazuh, OSSEC, ELK, Zeek/Bro, ClamAV


• Network technologies such as pfSense, Cloudflare Access, Jamf Connect or general Zero Trust Architecture


• Infrastructure technologies such as Kubernetes, Docker and Terraform 


• Operating systems such as Ubuntu, Amazon Linux, MacOS




• Working proficiency and communication skills in written and verbal English

Preferred qualifications

• Experience with infrastructure running JVM workloads 


• Experience automating the software build and delivery process


• Experience securing CI/CD pipelines


• Relevant AWS Certified certifications (eg. Security or Solutions Architect) 


• Experience automating infrastructure deployment in AWS


• Experience with workstation security solutions (eg. SIEM, Zero Trust Access, Incident Response) 


• Experience with other cloud platforms


• Experience taking a startup to ‘scaleup’


• Previous greenfield projects or implementation of a Security Operations Center 


• Contribution to achieving SOC2 or other similar audit


• Past experience in a software development company

What we offer

• Work on a fast-growing product with millions of users and a clear vision for the future


• Cooperation with passionate and experienced engineers and the opportunity to learn from them regardless of your experience level


• Ability to work from any place on the planet in a remote-first environment with flexible working hours


• Opportunities for growth in technical and leadership responsibilities


• Attractive compensation package including company equity

Location

• Anywhere in the world with working conditions that allow for seamless collaboration with your colleagues through email, chat, and video streaming

While our team works remotely and is spread across the globe, we deeply value daily interactions and collaboration. We require working hours to overlap with team member timezones (EMEA or US East)

How to apply

The following is required with your application:

• Submit your cover letter, answers to our application questions and resume via the form below

The next steps will follow our recruitment process.

About us

We are a diverse and inclusive workplace with a global multicultural team that learns from and respects each other. We are committed to advancing diversity and inclusion forward by investing resources in company-wide inclusion trainings, improving recruitment processes and contributing to groups that are committed to advancing racial/social justice and equality.  

Gradle is an equal opportunity employer. We welcome people of different backgrounds, experiences, abilities, and perspectives and consider all qualified applicants without regard to race, color, national origin, citizenship status, gender, gender identity or expression, sexual orientation, religion, disability, age or any other applicable characteristics protected by law.

Visit our careers page to learn more about the company and see other open positions. Visit Glassdoor to read what current and former Gradle employees have to say about the company.

Privacy Notice

For information about our collection, use, and disclosure of applicants’ personal information as well as applicants’ rights over their personal information, please see our Job Applicant Privacy Notice.