Infrastructure Security Architect - CTO Office
New York, NY
Posted Jun 7, 2019 - Requisition No. 75469
The Bloomberg CTO Office is the future forward technical arm of Bloomberg L.P. We envision, design and prototype the next generation infrastructure, hardware and applications that interface in all aspects of the company including financial products, broadcast and media, data centers, internal IT and our global network.
We are the CTO Security Architecture group. We solve complex security problems to enable innovative new products, and prototype the next generation of infrastructure security technologies. Whether we’re designing and analyzing our network policies and access controls or automating the preventive discovery of security issues on the cloud, our goal is to define the future of how we secure Bloomberg’s infrastructure. That’s where you come in.
As an infrastructure security architect, you’ll be trusted to enhance network and cloud monitoring infrastructure, provide guidance for usable infrastructure security, ensure that logical infrastructure security controls are manageable at our scale, and much more. Your leadership skills will influence the roadmap for future security technologies, while working alongside motivated engineers across the company to keep Bloomberg at the cutting edge. Our team works across many areas of security architecture, and you will have the opportunity to focus on the projects you are passionate about and bring your expertise to help reach our team’s goals.
We'll expect you to:
- Take a leadership role in defining tools, techniques and technologies used to secure and monitor Bloomberg’s infrastructure
- Support new product development, guiding teams to appropriate security architectures
- Prototype infrastructure technologies, and understand how they fit into Bloomberg's existing environment
- Foster a culture of security consciousness while understanding the trade-offs between security, usability and performance at the large scale
- Help develop strategies to secure Bloomberg’s network or cloud infrastructure (both our private cloud and any activities in public cloud)
You’ll need to have:
- 5+ years of experience building, maintaining and managing security aspects of large-scale infrastructure
- 3+ years of programming experience in C/C++, Java, Python, Rust and/or Go.
- An understanding of how networking, software infrastructure and applications all impact security posture of an organization
- Experience working with mission critical, large-scale distributed applications and products
- A track record of building collaborative relationships with stakeholders across many functions, with a focus on correctness, scalability and usability of distributed infrastructure.
- Past experience developing usable security tools in a professional setting or open source, as well as an understanding of tools to automate the software development lifecycle
We'd love to see:
- Experience with policy automation, ideally for one of desktop, backend or network infrastructure
- Working knowledge of publisher/subscriber, message bus and distributed computing architectures such as Hadoop, Kafka, MQ, etc.
- Experience with Container technologies such as Docker and Kubernetes
- A working understanding of network protocols and network visibility technologies, especially for the collection of flow information
- Knowledge of virtualization technology and an ability to reason around modern threat models for cloud security (including forensics and/or incident response)
- Prior experience with various types of web proxies and managing authentication flows around them
- Working knowledge of large-scale data processing technology, and experience leveraging data to drive decision making