Innovations - Cloud Security Architect
Job Description: Employer:
Blackstone Firm Overview:
Blackstone is one of the world's leading investment firms. We seek to create positive economic impact and long-term value for our investors, the companies we invest in, and the communities in which we work. We do this by using extraordinary people and flexible capital to help companies solve problems. Our asset management businesses, with $554 billion in assets under management, include investment vehicles focused on private equity, real estate, public debt and equity, growth equity, opportunistic, non-investment grade credit, real assets and secondary funds, all on a global basis. Further information is available at www.blackstone.com . Follow Blackstone on Twitter @Blackstone . Business Unit:
Innovations Business Unit Overview
Blackstone Innovations (BXi) is the technology team at the core of each of Blackstone's businesses and new growth initiatives. Serving both internal and external clients, we work to build the next generation of systems that manage risk, create efficiency and improve transparency within the firm and across our broad community of investors and portfolio companies.
BXi is nimble and entrepreneurial - our open, iterative design processes and rapid pace of development means that everyone on the team has the opportunity to make an impact from day one. We are problem solvers who can take projects from idea to implementation. We believe in active mentoring and developing excellence. We collaborate to find the best answers for our customers and for Blackstone. We are critical to the firm maintaining its competitive edge. Job Title:
Cloud Security Architect Job Description:
Blackstone's Application Security Team is responsible for empowering 125+ developers to build securely on current platforms (on-premise) and enable engineering teams to build security into new platforms (on cloud infrastructure). You will lead an ambitious team of engineers that is responsible for evolving how Blackstone "does security" as it transitions workloads to AWS.
You will lead the team in architecting, designing and implementing a cloud infrastructure security strategy that enables BXi to leverage the agility of the cloud while maintaining its desired level of risk. In addition, you will maintain and build close relationships with engineering leaders to incorporate security into the platform and tools that will become the foundations that developers build on. Along the way you will enable the wider Cybersecurity team to take responsibility for their domains within new platforms. Responsibilities:
- Provide regular updates to stakeholders on progress and revisions to Blackstone's cloud infrastructure security strategy. Develop KPIs to measure the success of the cloud security program and team. Improve operational excellence by meeting SLAs and prioritizing automation projects to reduce manual work.
- Partner with engineering and engagement teams to drive product roadmaps by providing security requirements that map security controls to service features. Clarify and prioritize stakeholder commitments as well as establish and maintain clear chains of accountability within and across teams.
- Assist junior team members in especially complex or contentious projects such as governing AWS resources, implementing Sentinel policies in Terraform Enterprise, or hardening the infra-as-code pipeline. In such cases, act as senior escalation point to resolve disagreements or unclear expectations with other teams.
- Provide expert advice and consultancy to internal customers on risk assessment, threat modeling, and security vulnerability mitigation. This will involve understanding AWS service interdependencies and driving secure technical solutions for multi-tiered systems.
- Leadership Skills
- Identifying opportunities that provide value by pragmatically balancing agility and security
- Achieving outcomes that are "customer-centric" and from a foundation of consistent "first principles"
- Ability to recognize the unique ambitions of team members and empowering them to grow their strengths and careers
- Managing a team to a strategy and shared set of values, and delegating work effectively
- Ability to craft a message/tell a story to educate and influence others
- Maintaining relationships with stakeholders, influencing peers toward a common vision
- Demonstrated willingness to challenge current state and passion for continuous improvement
- Strong experience with AWS including understanding common components (IAM, EC2, S3, RDS, DynamoDB, Lambda, ELB, etc.) and common design patterns
- Professional (or very strong self-taught) software development experience
- Python experience is a must
- Experience accessing the risk of applications and architectures including threat modelling, building attack trees and communicating potential vulnerabilities relative to business impact
- Experience doing this with cloud-native workloads is a must
- Experience with infrastructure-as-code tooling including how to build, manage and deploy
- Terraform is a must. Jenkins and CloudFormation experience are a plus
- Experience with containers
- Kubernetes experience is a plus
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, disability, sexual orientation, national origin or any other category protected by law.
If you need a reasonable accommodation to complete your application, please contact Human Resources at 212-583-5000 (US), +44 (0)20 7451 4000 (EMEA) or +852 3656 8600 (APAC).
The Blackstone Group and its affiliates provide equal employment opportunity to all qualified employees and applicants for employment regardless of race, color, creed, religion, sex, pregnancy, national origin, ancestry, citizenship status, age, marital or partnership status, sexual orientation, gender identity or expression, disability, genetic predisposition, veteran or military status, status as a victim of domestic violence, a sex offense or stalking, or any other classification prohibited by applicable law.
To submit your application please complete the form below. Fields marked with a red asterisk * are required in order to enter into a possible employment contract (although some can be answered " prefer not to say "). Failure to provide this information may compromise the follow-up of your application. When you have finished click Submit
at the bottom of this form.