Cyber/Cloud Security Engineer FICO

About FICO

Job Description

The Cyber-Security Engineer role at FICO offers an exciting opportunity to be a part of a highly modern and innovative analytics and decision platform, where you will play a crucial role in shaping the next generation security for the FICO Platform. In this role, you will be tasked with addressing cutting-edge security challenges in a highly automated, complex, cloud, and microservices-driven environment. You will work on design challenges and ensure the continuous delivery of security functionality and features to the FICO platform, as well as the AI/ML capabilities utilized on top of the platform. Reporting to the VP of Engineering, you will collaborate with various teams to implement and maintain robust security controls and features. As a Cyber-Security Engineer at FICO, your key responsibilities will include: - Securing the design of the next generation FICO Platform and its services - Supporting full-stack security architecture design for FICO customers, from cloud infrastructure to application features - Working closely with product managers, architects, and developers to implement security controls within products - Developing and maintaining Kyverno policies for enforcing security controls in Kubernetes environments - Collaborating with platform, DevOps, and application teams to define and implement policy-as-code best practices - Contributing to automation efforts for policy deployment, validation, and reporting - Staying updated on emerging threats, Kubernetes security features, and cloud-native security tools - Verifying security implementations within infrastructure and application deployment manifests and CI/CD pipelines - Implementing required controls and capabilities to protect FICO products and environments - Building and validating declarative threat models in a continuous and automated manner - Preparing products for compliance attestations and ensuring adherence to best security practices We are seeking candidates with the following qualifications: - 5+ years of experience in architecture, security reviews, and requirement definition for complex product environments - Familiarity with industry regulations, frameworks, and practices (e.g., PCI, ISO 27001, NIST) - Strong knowledge and hands-on experience with Kyverno and OPA/Gatekeeper (optional but preferred) - Experience in threat modeling, code reviews, security testing, vulnerability detection, and remediation techniques - Hands-on experience with programming languages like Java, Python, etc. - Experience deploying and securing cloud environments (preferably AWS) and containers (e.g., EKS, K8S, ISTIO) - Ability to communicate complex architectural challenges to business leadership and product management teams - Proven track record of independently driving transformational security projects across teams and organizations - Experience with securing event streaming platforms like Kafka or Pulsar - Familiarity with ML/AI model security and adversarial techniques within analytics domains - Hands-on experience with IaC (e.g., Terraform, Cloudformation, Helm) and CI/CD pipelines (e.g., Github, Jenkins, JFrog) At FICO, we offer an inclusive culture that reflects our core values, a chance to make a meaningful impact, and opportunities for professional development. You will enjoy competitive compensation, benefits, and rewards programs, as well as a people-first work environment that promotes work-life balance, employee resource groups, and social events to foster interaction and camaraderie.,