Cyber/Cloud Security Engineer (5+ years of Exp) Kubernetes, Kyverno & DevSecOps

Hybrid work model: 3 days in-office per week

As a part of FICO's highly modern and innovative analytics and decision platform, the Cyber-Security Engineer will help shape the next generation security for FICO's Platform. You will address cutting-edge security challenges in a highly automated, complex, cloud & microservices driven environments, including design challenges and continuous delivery of security functionality and features to the FICO platform as well as the AI/ML capabilities used on top of the FICO platform.

• Secure the design of next-generation FICO Platform, its capabilities, and services.
• Support full-stack security architecture design from cloud infrastructure to application features for FICO customers.
• Work closely with product managers, architects, and developers on implementing security controls within products.
• Develop and maintain Kyverno policies for enforcing security controls in Kubernetes environments.
• Collaborate with platform, DevOps, and application teams to define and implement policy-as-code best practices.
• Contribute to automation efforts for policy deployment, validation, and reporting.
• Stay current with emerging threats, Kubernetes security features, and cloud-native security tools.
• Proof security implementations within infrastructure & application deployment manifests and CI/CD pipelines.
• Implement controls for the protection of FICO products and environments.
• Build & validate declarative threat models continuously and automatically.
• Prepare products for compliance attestations and ensure adherence to security best practices.

• 5+ years of experience in architecture, security reviews, and requirement definition for complex environments.
• Familiarity with industry regulations like PCI, ISO 27001, NIST.
• Strong knowledge and hands-on experience with Kyverno and OPA/Gatekeeper (plus).
• Experience in threat modeling, code reviews, security testing, vulnerability detection, and remediation techniques.
• Hands-on experience with programming languages such as Java, Python.
• Experience deploying services and securing cloud environments, preferably AWS.
• Experience with containers, orchestration, and mesh technologies (EKS, K8S, ISTIO).
• Ability to communicate complex architectural challenges effectively.
• Independently drive security projects across teams.
• Experience with securing event streaming platforms like Kafka or Pulsar.
• Knowledge of ML/AI model security and adversarial techniques.
• Hands-on experience with IaC tools (Terraform, CloudFormation, Helm) and CI/CD pipelines (GitHub, Jenkins, JFrog).

• An inclusive culture reflecting our core values: Act Like an Owner, Delight Our Customers, Earn Respect.
• Opportunities to make an impact and grow professionally.
• Highly competitive compensation, benefits, and rewards.
• An engaging, people-first work environment promoting work/life balance, resource groups, and social events.