Experience level: Mid-senior
Experience required: 5 Years
Education level: Bachelor’s degree
Job function: Information Technology
Industry: Financial Services
Total position: 5
Visa : Only US citizens and Green card holders
JOB DESCRIPTION:
- The purpose of Cybersecurity Engineering and Operations is to provide best in class and versatile security services to the enterprise. This position is for a Security Engineer on the Cloud Security Engineering Squad. This position is focused on being a subject matter expert (SME) for Cloud Security Capabilities in both AWS and Azure.
- As a SME, the Lead Cloud Security Engineer is responsible for analyzing complex security issues to improve the overall posture of the company but evaluating new functionalities & ensure preparation for Production implementation.
RESPONSIBILITIES:
- Responsible for evaluating new technologies and services and working with our Architecture team to design and implement holistic security solutions.
- Identify opportunities for automation eliminating manual, mundane activities and improving machine learning capabilities along with providing content for security playbooks.
- Proactively identify deficiencies in security services, propose plans for improvement and implement them.
- Maintain professional and technical process knowledge by keeping abreast of security best practices.
- Document security policies, controls, and processes, and develop runbooks and how-to guides for operational readiness of engineered solutions.
- Evaluate IAM requests from other groups and assure that least privilege is preserved.
- Evaluate and create cloud security baselines and implement monitoring to assure compliance.
QUALIFICATIONS:
- Bachelor’s degree or equivalent experience with 5+ years of industry experience with AWS, Network security, and System security with demonstrated experience in Cloud Security tools such as Aquasec, Inspector, and Dome9.
- One or more of the following certifications: Cloud (AWS, Azure, Google Cloud Platform), CISSP.
- Additional Cloud computing experience with Azure, GCP and Containerization is a plus.
- Experience with vulnerability management, SIEM, compliance to security baselines, and Identity and Access Management in the cloud and on-prem (AD, Ping, ADFS, etc.).
- Familiarity with industry standards, guidelines, and regulatory compliance requirements related to information security and cloud computing (NIST 800-53, ISO-27001, etc.).
- Problem solving skills to resolve problems effectively and creatively while maintaining a high level of flexibility, professionalism, and integrity.
- Experience with delivering reliable, available, and high-performance enterprise-scale solutions.
- Programming experience one or more of the following languages: Python, C#, C++, PowerShell, Bash, Terraform, and SQL as well as experience with GIT version control (GITFlow, GitHub, BitBucket, etc.).
- Experience with working in an Agile environment a plus.