Job Description
The Senior DevOps, Platform, and Infra Security Engineer opportunity at FICO's highly modern and innovative analytics and decision platform involves shaping the next-generation security for FICO's Platform. You will address cutting-edge security challenges in a highly automated, complex, cloud and microservices-driven environment, inclusive of design challenges and continuous delivery of security functionality and features to the FICO platform as well as the AI/ML capabilities used on top of the FICO platform, as stated by the VP of Engineering.

In this role, you will secure the design of the next-generation FICO Platform, its capabilities, and services. You will provide full-stack security architecture design from cloud infrastructure to application features for FICO customers. Collaborating closely with product managers, architects, and developers, you will implement security controls within products. Your responsibilities will also include developing and maintaining Kyverno policies for enforcing security controls in Kubernetes environments and defining and implementing policy-as-code best practices in collaboration with platform, DevOps, and application teams.

As a Senior DevOps, Platform, and Infra Security Engineer, you will stay updated with emerging threats, Kubernetes security features, and cloud-native security tools. You will define required controls and capabilities for the protection of FICO products and environments, build and validate declarative threat models in a continuous and automated manner, and prepare the product for compliance attestations while ensuring adherence to best security practices.

The ideal candidate for this role should have 10+ years of experience in architecture, security reviews, and requirement definition for complex product environments. Strong knowledge and hands-on experience with Kyverno and OPA/Gatekeeper are preferred.
Familiarity with industry regulations, frameworks, and practices (e.g., PCI, ISO 27001, NIST) is required. Experience in threat modeling, code reviews, security testing, vulnerability detection, and remediation methods is essential. Hands-on experience with programming languages such as Java and Python, and with securing cloud environments, preferably AWS, is necessary. Moreover, experience in deploying and securing containers, container orchestration, and mesh technologies (e.g., EKS, K8S, Istio), Crossplane for managing cloud infrastructure declaratively via Kubernetes, and certifications in Kubernetes or cloud security (e.g., CKA, CKAD, CISSP) are desirable. Proficiency with CI/CD tools (e.g., GitHub Actions, GitLab CI, Jenkins, Crossplane) is important. The ability to independently drive transformational security projects across teams and organizations and experience with securing event streaming platforms like Kafka or Pulsar are valued. Hands-on experience with ML/AI model security, IaC (e.g., Terraform, CloudFormation, Helm), and CI/CD pipelines (e.g., GitHub, Jenkins, JFrog) will be beneficial.

Joining FICO as a Senior DevOps, Platform, and Infra Security Engineer offers you an inclusive culture reflecting core values, the opportunity to make an impact and develop professionally, highly competitive compensation and benefits programs, and an engaging, people-first work environment promoting work/life balance, employee resource groups, and social events to foster interaction and camaraderie.