Procter & Gamble D&A Hosting Platform Security Engineer in Warsaw, Poland
D&A Hosting Platform Security Engineer
Background P&G has declared a Cloud First strategy and will be moving most of our workloads to the Cloud over the next few years. At the same time Core Data Lake and Data Hubs Program led by Data & Analytics Organization (D&A) is leveraging Cloud to transform BI and Analytics for the company, harmonizing various data types and allowing standard solutions tailored specifically for unique needs of specific Business Units.
As D&A Hosting Platform Security Engineer you will be leveraging strong technical info security and management skills to build, verify/test and improve compliance of D&A Hosting Platform capabilities (primarily Azure) leveraged by D&A Data Hubs application teams, help driving compliant architecture and build security knowledge / provide consultancy in that area. D&A Hosting Platform team aims at transforming newest technologies to secure, performant, stable, cost effective and flexible business capabilities that support P&G’s key business cases in a PaaS way - targeting automation and self-service, so you will work collaboratively with rest of the team to ensure all objectives are properly met.
Responsibilities: * Working regularly with P&G Information Security team to understand P&G Security Processes, Policies and Tools at the Network, Transport, Storage and Application Layers * Staying on top of industry cloud security capabilities * Ensuring Core Data Platform and Data Hubs are compliant with P&G Security Standards, Guidelines and Best Practices o operations access auditing, vulnerability mitigation coordination o driving and measuring Core Data Platform and Data Hubs resources Security compliance o Drive security from Source to Consumption (Data Movement, Processing and Consumption APIs) o Identity security controls gaps and provide guidance/plans to comply with mandatory security controls (Technical Security Standards) for IaaS and PaaS deployments in cloud. * Creation and execution of a “D&A Security Calendar” encompassing all regular and ad-hoc Security Engineer tasks and obtaining InfoSec approval for it. * Work with DEVOPS on holistic patch management plan to provide structure and flexibility to individual application teams while maintaining security compliance; work with Infrastructure & Network Engineers on the execution plan * Drive or leverage capabilities (Containers, infrastructure automation/configuration tools) to support effective patching and compliance. * Consult Capability Engineers, Infrastructure & Network Engineers, Utility Engineers and D&A DevOps - to build in security compliance in their Blueprints, Testing strategies, Best practices and multiple projects o iRisk, pen-testing, security scanning o documenting security results per application * Working with InfoSecurity, Cloud COE, Cloud Operations and Cloud Service Partners to understand and troubleshoot security incidents and concerns for cloud capabilities used by Data & Analytics applications. * "Deep" Problem Management support (investigate and find permanent fixes where Prod is having to use a work around due to problems caused by security tools or required security configuration). * Incident management for major Security incidents, including close collaboration with Network Team, Cloud COE, Cloud Operations and Cloud Service Partners - acting as L3 for major incidents escalations for own scope (may happen outside of work hours or weekends). * Creating automation scripts (PowerShell, Python, Azure Automation) to drive compliance, or to understand infrastructure health.
Job Qualifications: * Strong technical knowledge and demonstrated experience in each of the following areas (1 or more of each domain): o Experience working with MS Azure Cloud Computing Platform & Services (different resources, offerings and tools), including Azure Security Center o Understanding of Cloud security capabilities o Understanding of security tools for vulnerability scanning, cloud security compliance, container security, AV/Malware, ATP, dynamic/static scan and threat analysis. o Understanding of DEVSECOPS practices. o Stewardship experience to ensure services are compliant with relevant P&G policies (Security, Governance, etc.). * Overall understanding of infrastructure and Platform components (network, servers), technical knowledge and experience in Hosting and related technologies (data center, cloud [IaaS, PaaS], computing, Windows, Linux, storage, backup, virtualization, etc.), have a passion for these domains, and can learn technologies quickly. * Experience working on Information Security matters at an infrastructure platform level or must have the desire to grow in infrastructure or application platform security via this role. * Ability to quickly penetrate technology areas and ask appropriate and relevant technical questions. * A valid EU work permit and the ability to work from the Warsaw (Targówek) location
Desirable skills: * Knowledge of PowerShell and/orLinux environment and shell (bash) scripting * Knowledge of Kusto Query Language, Azure LogAnalytics * Knowledge of Elastic Search & Kibana * Experience in some infrastructure automation/configuration tool – Ansible, Chef, Puppet or similar - you know how those can help with large-scale, complex deployments. * Knowledge of PowerBI * Qualifications (can be built on the role): o CISSP Certified o Microsoft Certified: Azure Security Engineer Associate or Administrator Associate or Developer Associate
Personal qualities: * Excellent communication skills (English) with both technical and non-technical colleagues from geographically distributed teams on all organizational levels. * Problem-solving attitude (we don’t like excuses; we like solutions) * Proactive, initiative taking and not afraid to challenge the status quo (we hire smart people for a reason - we’re looking to you to help us improve) * Experience working with external companies * Being a team player. Big projects aren’t developed by individuals – you need to work with others well
Skills You Can Expect to Learn/Build on this Job * Deep Technical knowledge and experience in cloud BI & Analytics relevant capabilities. * Big Picture understanding of the GBS organization and its Services. * Expertise working in global multifunctional team on Cloud Platforms * Industry Certifications (ITIL, DevOps, Azure, ...)
We offer: * P&G-sized projects and access to world leading IT partners and technologies from day one. * Work in international team with global responsibilities. * Coaching programs, trainings and cloud certifications (e.g. cloud or analytics certifications) * Opportunity to change role every few years to be in the best place for you and best for P&G. * Flexible work arrangements (working less than full time, work from home) * P&G Vibrant Living programs (sport cards, in-office fitness center) * Competitive starting salary and benefits program (private health care, PG stock, saving plans). * Regular salary increases and possible promotions - all in line with your results and performance.
Job: Information Technology
Title: D&A Hosting Platform Security Engineer
Requisition ID: IT 00001919