Job Requisition ID #
26WD96862
Position Overview** **
We are seeking experienced and motivated Security Engineer who will develop and lead secure configuration and hardening efforts within our Secure Posture Management team. In this role, you will design, implement and advance Autodesk’s Secure Posture Management strategy for secure configuration baselines, cloud hardening, IaC security, vulnerability visibility, and golden image pipelines. This role requires deep technical expertise, strong hands-on and automation skills, and the ability to influence engineering teams across the organization. You will collaborate and partner with diverse engineering teams across Autodesk.
Your expertise in secure configuration, system hardening, and cloud security will ensure that Autodesk’s systems, services, and platforms meet the highest security standards and align with industry best practices and regulatory requirements.
**Job Responsibilities **
Define and execute a unified security posture management strategy including CSPM, secure configuration, golden image pipelines, IaC templates, and vulnerability management.
Develop and refine standards for secure cloud configurations in alignment with industry frameworks, such as CIS or NIST benchmarks.
Develop and maintain hardened baselines (CIS, NIST) across cloud environments, Windows, Linux, and container platforms.
Develop security artifacts, tooling and automations using tools such as Python, PowerShell, Groovy or Ruby.
Use Cloud Security Posture Management (CSPM) tooling to continuously monitor multiple cloud environments (AWS, Azure, GCP) for misconfigurations, security gaps and compliance issues.
Operate and optimize CSPM tooling and drive remediation of cloud misconfigurations.
Regularly reporting on security posture and mitigation progress to executive stakeholders.
Work with development teams to enhance features and ease of use for our golden image, Infrastructure as Code (IaC) pipelines, and embed secure configurations from design to runtime.
Monitor and remediate drift from security standards to ensure security across all environments.
Oversee the secure posture management program and lead remediation efforts across all cloud and data center assets.
**Minimum Qualifications **
Bachelor's degree in computer science, information security, or a related field.
8+ years of experience in information security or development, with a focus on secure configuration, enterprise security, cloud security, posture management, and vulnerability management.
Deep understanding of secure configuration and hardening frameworks, such as CIS Benchmarks, DISA STIG, NIST 800-53/190.
Strong proficiency in development, building automation and security tooling, such as Git, Artifactory, Jenkins, Spinnaker, scripting languages such as Python, PowerShell, Groovy or Ruby.
Extensive experience with CSPM tools and secure configuration tools and platforms such as Tenable, Prisma Cloud, Orca, or Wiz.
Experience in developing/managing golden image pipelines, CI/CD and IaC templates (Terraform).
Hands-on experience with cloud providers, AWS, Azure or GCP, and strong knowledge of native security services.
**Preferred Qualifications **
Master's degree in computer science, information security, or a related field.
Certifications such as CISSP, CCSP, OSCP, AWS Security Specialty, or similar.
Hands-on experience across multiple cloud platforms: AWS, Azure, and GCP.
Expertise in secure software development, API automation, and integrating security checks into CI/CD pipelines.
Ability to design and deliver complex security automation at scale (IaC modules, policy-as-code, cloud guardrails).
Strong understanding of compliance frameworks (SOC2, ISO 27001, FedRAMP, PCI-DSS) as they relate to configuration and vulnerability management.
Proven ability to identify potential threats and vulnerabilities.
Ability to lead complex security projects, with hands-on experience to create and develop systems and services.
Lifelong learner with a commitment to continuous improvement.
Excellent written/verbal communication skills and ability to present complex security topics to non-technical stakeholders.
Learn More
About Autodesk
Welcome to Autodesk! Amazing things are created every day with our software – from the greenest buildings and cleanest cars to the smartest factories and biggest hit movies. We help innovators turn their ideas into reality, transforming not only how things are made, but what can be made.
We take great pride in our culture here at Autodesk – it’s at the core of everything we do. Our culture guides the way we work and treat each other, informs how we connect with customers and partners, and defines how we show up in the world.
When you’re an Autodesker, you can do meaningful work that helps build a better world designed and made for all. Ready to shape the world and your future? Join us!
Salary transparency
Salary is one part of Autodesk’s competitive compensation package. Offers are based on the candidate’s experience and geographic location. In addition to base salaries, our compensation package may include annual cash bonuses, commissions for sales roles, stock grants, and a comprehensive benefits package.
Diversity & Belonging We take pride in cultivating a culture of belonging where everyone can thrive. Learn more here: https://www.autodesk.com/company/diversity-and-belonging
**Are you an existing contractor or consultant with Autodesk? **
Please search for open jobs and apply internally (not on this external site).