LPL Financial
Principal IaC Security Engineer
LPL Financial, Fort Mill, South Carolina, United States, 29715
Are you a team player? Are you curious to learn? Are you interested in working on meaningful projects? Do you want to work with cutting-edge technology? If so, LPL Financial is the place for you!LPL Financial (Nasdaq: LPLA) was founded on the principle that the firm should work for the advisor, and not the other way around. Today, LPL is a leader in the markets we serve, supporting more than 22,000 financial advisors, 1,100 institution-based investment programs, and 500 independent RIA firms nationwide. We are steadfast in our commitment to the advisor-centered model and the belief that Americans deserve access to personalized guidance from a financial advisor.Job Overview:As a member of the Information Security team, the Principal Cloud Code Security Engineer will be responsible for developing, maturing, and sustaining the Cloud Security program with an emphasis on Infrastructure as Code security. This position will partner with the Application Security, Cloud Engineering/Operations, and Security Engineering teams to ensure that company private cloud resources are securely deployed through established automated pipelines.Responsibilities:Implement and maintain appropriate controls within the CI/CD pipelines used to deploy cloud resources to ensure that resources are securely designed and deployed.Review Infrastructure as Code scripts and code repositories using Terraform to identify potential security issues or noncompliance with coding best practices.Implement and maintain tools to perform automated security scanning/analysis of Infrastructure as Code, containers, and serverless functions.Review security scan results and work with Application Development and Cloud Engineering teams to prioritize remediation efforts, review potential false positives, and evaluate potential mitigating factors.Produce and track routine reports/metrics on security vulnerabilities, coding deficiencies, and exposures.Mentor and educate other teams within the organization on secure development and cloud security best practices.Monitor and review CVEs, and industry developments, and provide inputs for continuous improvement.Work with Internal Audit, IT Governance, IT Compliance and other key stakeholder groups on specific projects to ensure compliance with applicable regulatory requirements.Act as an SME in the area of Cloud and Code Security.What are we looking for?We want
strong collaborators who can deliver a world-class client experience . We are looking for people who thrive in a
fast-paced environment, are client-focused, team-oriented , and are able to execute in a way that encourages
creativity
and
continuous improvement .Requirements:8+ years of Cloud experience specifically working with AWS and Azure environments.6+ years of experience specifically working with Infrastructure as Code (Terraform) and helping to secure automated Cloud deployment pipelines.5+ years of experience using Cloud Security and IAC scanning tools including Prisma Code Security or similar tools.5+ years of experience with reviewing and analyzing vulnerabilities, including cloud-related issues, and tracking closure of vulnerabilities.Preferences:Bachelor’s Degree or equivalent in Information Security, Engineering, or Computer Science.Experience developing Infrastructure as Code using tooling such as Terraform, Cloud Formation, or HashiCorp.Expert-level knowledge in securing Infrastructure as Code scripts and Cloud resource deployments.Expert-level knowledge of the major Cloud platforms and their associated resources, common cloud misconfigurations/vulnerabilities and how to securely deploy each resource type.Experience working with Cloud Security Posture Management (CSPM) technologies such as Wiz, Prisma, Laceworks, Orca and Compute Security tools such as Twistlock and Aquasec.Pay Range:
$143,100.00 - $238,500.00. Actual base salary varies based on factors, including but not limited to, relevant skill, prior experience, education, base salary of internal peers, demonstrated performance, and geographic location. Additionally, LPL Total Rewards package is highly competitive, designed to support your success at work, at home, and at play.Join the LPL team and help us make a difference by turning life’s aspirations into financial realities. Please log in or create an account to apply to this position. Principals only. EOE.Information on Interviews:LPL will only communicate with a job applicant directly from an
@lplfinancial.com
email address and will never conduct an interview online or in a chatroom forum. During an interview, LPL will not request any form of payment from the applicant, or information regarding an applicant’s bank or credit card. Should you have any questions regarding the application process, please contact LPL’s Human Resources Solutions Center at (855) 575-6947.
#J-18808-Ljbffr
strong collaborators who can deliver a world-class client experience . We are looking for people who thrive in a
fast-paced environment, are client-focused, team-oriented , and are able to execute in a way that encourages
creativity
and
continuous improvement .Requirements:8+ years of Cloud experience specifically working with AWS and Azure environments.6+ years of experience specifically working with Infrastructure as Code (Terraform) and helping to secure automated Cloud deployment pipelines.5+ years of experience using Cloud Security and IAC scanning tools including Prisma Code Security or similar tools.5+ years of experience with reviewing and analyzing vulnerabilities, including cloud-related issues, and tracking closure of vulnerabilities.Preferences:Bachelor’s Degree or equivalent in Information Security, Engineering, or Computer Science.Experience developing Infrastructure as Code using tooling such as Terraform, Cloud Formation, or HashiCorp.Expert-level knowledge in securing Infrastructure as Code scripts and Cloud resource deployments.Expert-level knowledge of the major Cloud platforms and their associated resources, common cloud misconfigurations/vulnerabilities and how to securely deploy each resource type.Experience working with Cloud Security Posture Management (CSPM) technologies such as Wiz, Prisma, Laceworks, Orca and Compute Security tools such as Twistlock and Aquasec.Pay Range:
$143,100.00 - $238,500.00. Actual base salary varies based on factors, including but not limited to, relevant skill, prior experience, education, base salary of internal peers, demonstrated performance, and geographic location. Additionally, LPL Total Rewards package is highly competitive, designed to support your success at work, at home, and at play.Join the LPL team and help us make a difference by turning life’s aspirations into financial realities. Please log in or create an account to apply to this position. Principals only. EOE.Information on Interviews:LPL will only communicate with a job applicant directly from an
@lplfinancial.com
email address and will never conduct an interview online or in a chatroom forum. During an interview, LPL will not request any form of payment from the applicant, or information regarding an applicant’s bank or credit card. Should you have any questions regarding the application process, please contact LPL’s Human Resources Solutions Center at (855) 575-6947.
#J-18808-Ljbffr