Cyber/Cloud Security Engineer

• The Cyber-Security Engineer role at FICO offers an exciting opportunity to be a part of a highly modern and innovative analytics and decision platform, where you will play a crucial role in shaping the next generation security for the FICO Platform. In this role, you will be tasked with addressing cutting-edge security challenges in a highly automated, complex, cloud, and microservices-driven environment. You will work on design challenges and ensure the continuous delivery of security functionality and features to the FICO platform, as well as the AI/ML capabilities utilized on top of the platform. Reporting to the VP of Engineering, you will collaborate with various teams to implement and maintain robust security controls and features.As a Cyber-Security Engineer at FICO, your key responsibilities will include:- Securing the design of the next generation FICO Platform and its services- Supporting full-stack security architecture design for FICO customers, from cloud infrastructure to application features- Working closely with product managers, architects, and developers to implement security controls within products- Developing and maintaining Kyverno policies for enforcing security controls in Kubernetes environments- Collaborating with platform, DevOps, and application teams to define and implement policy-as-code best practices- Contributing to automation efforts for policy deployment, validation, and reporting- Staying updated on emerging threats, Kubernetes security features, and cloud-native security tools- Verifying security implementations within infrastructure and application deployment manifests and CI/CD pipelines- Implementing required controls and capabilities to protect FICO products and environments- Building and validating declarative threat models in a continuous and automated manner- Preparing products for compliance attestations and ensuring adherence to best security practicesWe are seeking candidates with the following qualifications:- 5+ years of experience in architecture, security reviews, and requirement definition for complex product environments- Familiarity with industry regulations, frameworks, and practices (e.g., PCI, ISO 27001, NIST)- Strong knowledge and hands-on experience with Kyverno and OPA/Gatekeeper (optional but preferred)- Experience in threat modeling, code reviews, security testing, vulnerability detection, and remediation techniques- Hands-on experience with programming languages like Java, Python, etc.- Experience deploying and securing cloud environments (preferably AWS) and containers (e.g., EKS, K8S, ISTIO)- Ability to communicate complex architectural challenges to business leadership and product management teams- Proven track record of independently driving transformational security projects across teams and organizations- Experience with securing event streaming platforms like Kafka or Pulsar- Familiarity with ML/AI model security and adversarial techniques within analytics domains- Hands-on experience with IaC (e.g., Terraform, Cloudformation, Helm) and CI/CD pipelines (e.g., Github, Jenkins, JFrog)At FICO, we offer an inclusive culture that reflects our core values, a chance to make a meaningful impact, and opportunities for professional development. You will enjoy competitive compensation, benefits, and rewards programs, as well as a people-first work environment that promotes work-life balance, employee resource groups, and social events to foster interaction and camaraderie.,

Sign-in & see how your skills match this job

Sign-in & Get noticed by top recruiters and get hired fast

AWS, Helm, Github, Jenkins,Kyverno, OPAGatekeeper, EKS, K8S, ISTIO, Terraform, Cloudformation, JFrog

Automation, Continuous Delivery, Software Development Life Cycle, Agile Methodologies, Security, Cloud Computing, Artificial Intelligence, Machine Learning, Risk Management,AWS Cloud Services, CICD, Application Resiliency, Compliance Processes

AWS, Helm, Github, Jenkins,Kyverno, OPAGatekeeper, EKS, K8S, ISTIO, Terraform, Cloudformation, JFrog

Automation, Continuous Delivery, Software Development Life Cycle, Agile Methodologies, Security, Cloud Computing, Artificial Intelligence, Machine Learning, Risk Management,AWS Cloud Services, CICD, Application Resiliency, Compliance Processes