Job Description:
• Lead threat modeling and security reviews across Wiz's products and cloud infrastructure, identifying attack surfaces and developing scalable mitigation strategies
• Build automation, policy-as-code, and security tooling that enables development teams to "shift left" and integrate end-to-end security into their workflows
• Design and implement secure baselines for cloud resources and Kubernetes based infrastructure
• Drive vulnerability management and remediation efforts – prioritizing issues, implementing mitigations, and designing strategic preventative controls in software supply chains from development through production
• Extend detection and response capabilities – building scalable solutions to identify malicious activity, triage alerts, and investigate and remediate incidents
• Collaborate with Wiz Federal team – extending DevSecOps and Product Security practices to Wiz's FedRAMP environment and ensure it meets key security requirements
• Build deep functional partnerships with Wiz's engineering and operations teams – helping them deliver secure-by-design solutions
Requirements:
• 7+ years of experience in security engineering or security operations work in cloud environments
• Strong AWS cloud security experience (equivalent Azure and GCP considered)
• Cloud native Kubernetes services (EKS/GKE/AKS) and strong container security principles
• Deep understanding of securing IAM and cloud identities at scale
• Proven ability to lead technical security reviews of products and architectures and conduct threat modeling
• Practical understanding of web application security concepts (such as OWASP Top-10)
• Hands-on experience with IAC and related tools (Terraform, CloudFormation, Helm, Pulumi)
• Experience with automation and tooling development in one or more: Python, Go, Shell, HCL, Rego
• Bachelor's degree in computer science or a related field and/or equivalent job experience in lieu of a degree
• Experience working with remote, globally distributed teams
• Experience working in organizations that develop software and/or operate managed infrastructure and technology services for their own customers
• Experience with CNAPP, CSPM, or CIEM solutions
• Applicants may be required to provide evidence they meet EAR part 772 and ITAR 120.15 definition of a U.S. person and reside in the contiguous United States
• Applicants must have the legal right to work in the country where the position is based, without need for visa sponsorship
Benefits:
• Medical, dental and vision insurance
• Home Office Setup reimbursement
• Flexible Spending Accounts
• Monthly Connectivity reimbursement
• Employee Assistance Program (EAP)
• Short- and Long-term Disability Insurance
• Life & Accident Insurance
• 401(k) Retirement Savings Plan (with employer match)
• Flexible paid time off + 11 paid holidays
• Paid leave programs, including parental, pregnancy health, medical and bereavement leave
• Eligible to participate in Wiz’s equity plan
• May include incentive compensation