Job Openings Sr. Cloud Security Engineer

About the job Sr. Cloud Security Engineer

This position is remote, US.

Expectations

  • US Citizen, Green Card Holder, or H1B/TN Transfer
  • Must be a US resident
  • Must have 7+ years of experience with cloud security or cyber security
  • 2+ years experience working with cloud environment
  • Experienced in cloud networking architecture and cloud operations
  • Experience with Git, Jenkins, Chef, Puppet, and Salt. Docker or Kubernetes.
  • Experience working with Agile methodology
  • Must be a great communicator
  • Bachelor’s degree in business, technology, or relevant field

Additional Expectations

  • 7+ years experience in cybersecurity as a practitioner with at least 2+ years exposure with Microsoft Azure, Amazon Web Services (AWS), or VMware
  • Strong Linux and Windows support skills
  • Experienced in cloud networking architecture and cloud operations, with cloud access security broker (CASB) experience preferred
  • Identity Access Management experience, including OAuth and OpenID
  • Familiarity with security solutions such as Twistlock and Aqua Security, as well as tools such as Docker, Kubernetes, and AWS CloudTrail
  • Experience with scripting languages such as PowerShell, Python, Ruby, and JavaScript
  • Experience and understanding of various regulatory requirements and laws, including but not limited to: Payment Card Industry (PCI), Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR), and Gramm-Leach-Bliley Act (GLBA). Additionally, experience in one or more of the following: ISO 27001/2, ITIL or NIST.
  • Up-to-date understanding of a wide range of incident response, system configuration, vulnerability management, and hardening guidelines
  • Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively
  • Network and encryption experience, including virtual private networks (VPNs), IPsec, SSL/TLS, LDAP, and public key infrastructure (PKI)
  • Experienced in the use of threat intelligence services in a production environment
  • Demonstrated problem-solving abilities to manage complex local and international security requirements
  • Self-motivated and directed, well-organized, and able to position controls in anticipation of threats
  • Successful track record collaborating with technical and non-technical teams to promote ideas to support business enablement
  • Familiarity with international and state privacy laws
  • Experience writing technical documentation
  • Holds or working toward one or more including: Azure, AWS and VMWare certifications

Job Description

As a Sr. Cloud Security Engineer, you will help architect, deploy, and operate a secure cloud application infrastructure that aligns with business needs. You will support operational innovation and provide security direction to the business to elevate the company’s security posture within a cloud computing infrastructure. You will help deliver applications at scale and with resiliency to support business initiatives.

You will be responsible for:

  • Develop and maintain secure, resilient enterprise-grade cloud processes in tandem with architects and system engineers
  • Secure business applications and computing environments across public, private, or hybrid cloud infrastructures
  • Protect business applications in compliance with privacy, security, business resiliency, and compliance frameworks as defined in corporate policies
  • Maintain a consistent, secure environment using configuration management solutions (e.g., Terraform, VRA, Ansible etc.)
  • Conduct rigorous oversight of security systems and security configuration administration to reduce risk to enterprise systems and accounts
  • Deploy strong identity and access management (IAM) controls across applications and computing environments
  • Assist with development, maintenance, and utilization of scripts (e.g., PowerShell, Python, Ruby, etc.) to support custom extract, transform load (ETL) tools with a security focus for data flow
  • Attend regular technical project and implementation meetings, and serve as the security consultant to help guide secure application and infrastructure configurations
  • Actively monitor, assess and recommend tactical and strategic initiatives based on new and emerging threats posing risk to cloud computing environments
  • Manage remediation efforts after security assessment findings outline weaknesses requiring attention
  • Document, formulate, and enforce areas of security improvement that balance risk with business operations and do not diminish efficiencies or innovation
  • Assist in maintaining strong oversight with cloud computing vendors and solution providers to safeguard against undue risk presented by external entities. Escalate to security management and business unit leads when points of weakness are discovered.
  • Stay apprised of current and proposed security changes impacting regulatory, privacy, and security industry best practice guidance. Apply learned knowledge across key lines of business, including products, practices, and procedures.
  • Act as a key figure in incident response to track occurrence and resolution, with strict documentation and reporting as well as engagement with security operations and incident response teams.
  • Attend and fully engage in change and project management meetings
  • Perform other duties as assigned

The incumbent must possess advanced administrative and troubleshooting skills, and be knowledgeable about architecture, engineering, and design principles. The Senior Cloud Security Engineer should be adept at dealing with disparate applications and data systems to maintain the level of rigor required to adhere to business direction. Along with depth of system coverage, the role requires planning and design of policies and maintenance. General direction is received from the Manager, Cyber Security Operations.

Perks

  • Health, Dental, and Vision insurance
  • Matching 401k plan
  • Gym membership reimbursement
  • Annual bonus
  • Company-paid short-term disability, long-term disability, and life insurance
  • Access to a healthcare concierge service with virtual visits
  • Generous PTO and banking holidays

Or refer someone