Network Security Architect (CTO Office)
Bloomberg's Office of the CTO is the future-looking technical arm of Bloomberg L.P. We envision, design and prototype the next generation infrastructure, hardware and applications that interface in all aspects of the company including financial products, broadcast and media, data centers, internal IT and our global network. We are passionate about what we do.
Networks are becoming more and more sophisticated, and Bloomberg's network footprint is growing to meet increasing client demand. As infrastructure has evolved, so too has the sophistication of attackers, searching for policy gaps to exploit. Being so deeply connected to every aspect of the financial industry, we value complete coverage.
As a member of the Security Analytics and Identity Architecture team, you will help us design, secure, and monitor our network infrastructure. You'll have influence over Bloomberg's overall security policy, and will guide engineering partners to build security tools and work with operational security groups to define our policy. From research to production, you'll be prototyping, working with partners across the firm, communicating with vendors, and collaborating with SRE teams to bring your ideas live. What's in it for you:
Our team focuses on the critical aspects of securely bringing Bloomberg's services to hundreds of thousands of customers every day. We have a holistic view of how infrastructure, from the fiber transiting bits of data, through to the high-level application services that run on top of that, impact Bloomberg's security posture. You'll define roadmaps, support building tools to define policy intent, execute policy deployment, and introduce technologies and methodologies to support our policy goals. We'll trust you to:
- Take a technical leadership role in defining strategies for delivering services securely and with proper controls
- Foster developing technology to make engineer-friendly, service-aware policy definition tools
- Design tools and strategies to manage proxy-based controls, firewalling and host-based ACLs
- Collaborate with partners in our CISO's office and Engineering
- Guiding engineers as we identify security vulnerabilities across our systems, and remediate
- Provide requirements to internal development teams and external vendors, and foster a culture of security consciousness across Engineering and Product You'll need to have:
- 5+ years of experience automating network infrastructure, including at least one of the areas of policy, inventory management and visibility
- 3+ years of experience developing automation technology with Python, Ruby, Go or other languages used in infrastructure automation
- An understanding of modern and legacy data center networks, as well as WAN architecture
- Expertise in Ansible, Chef, Salt, Nornir, and other infrastructure automation technologies.
- A hands-on, teamwork-oriented approach, focused on building consensus and managing through influence We'd love to see:
- Understanding of the challenges operating trusted infrastructure in public cloud environments, as well as on-premises
- Practical concerns about offerings at infrastructure edge (i.e. load balancers, reverse proxies, etc.)
- Experience with managing service edge security, especially around
- Exposure to infrastructure security controls for Kubernetes, OpenStack
- A UNIX systems background
Bloomberg is an equal opportunities employer, and we value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.