Senior Cloud Security Engineer
Posted on Jan 6, 2021 by Request Technology - Craig Johnson
*Position is bonus eligible*
Prestigious Enterprise Company is currently seeking a Senior Cloud Security Engineer. Candidate will work across multiple teams to improve the security posture of our cloud environments (AWS, Azure, GCP, etc.). The Senior Cloud Security Engineer should have experience in architecting, deploying and operating a secure cloud application infrastructure that aligns with business needs. This individual is responsible for supporting digital innovation and providing security direction to the business to elevate the company's security posture within a cloud computing infrastructure. The individual in this role should be knowledgeable about architecture, engineering and design principles. They should also be adept at dealing with disparate applications and data systems to maintain the level of rigor required to adhere to business direction. The individual in this role must be highly technical and demonstrate experience in security and systems administration across a wide variety of cloud infrastructure, including software as a service (SaaS), infrastructure as a service (IaaS) and platform as a service (PaaS).
- Develop and maintain cloud security standards and processes in Tandem with architects and system engineers.
- Secure business applications and computing environments across public, private or hybrid cloud infrastructures.
- Provide oversight of security configuration settings and security operations to reduce risk to enterprise systems and accounts.
- Planning, designing and implementing the security for cloud infrastructures specifically AWS, Azure and GCP
- Evaluate and design Cloud Access Security Brokers (CASB) solutions
- Working with networking and operations teams to design virtual private networks (VPNs), IPsec, SSL/TLS, LDAP and public key infrastructure (PKI)
- Security configuration of Docker, Kubernetes and AWS CloudTrail
- Develop strong security controls to implement across cloud-based enterprise applications and computing environments.
- Assist with review and implementation of security configuration of data flow across environments
- Manage remediation efforts highlighted by security audits or assessments.
- Attend regular technical project and implementation meetings and serve as a security consultant to help guide secure application and infrastructure configurations.
- Actively monitor, assess and recommend tactical and strategic initiatives based on new and emerging threats posing risk to cloud computing environments.
- Assist in maintaining strong oversight with cloud computing vendors, solution providers and managed service providers to safeguard against undue risk presented by external entities.
- Escalate to security management and business unit leads when points of weakness are discovered.
- Participate in incident response activities to track occurrence and resolution, with strict documentation and reporting as well as engagement with security operations and incident response teams.
- Serve as a mentor and provide leadership to others on the team.
Bachelor's degree required or equivalent work experience 5 or more years of applicable security experience Ability to write scripts in languages such as Python, BASH, or PowerShell for automation Proven technical skills in multiple information security domains Knowledge and understanding of modern cyber threat actors, their motivation, scenarios, tools, tactics and procedures Experience with cloud infrastructures specifically AWS, Azure and GCP Experience with architecture, engineering and design principles Network and encryption experience, including virtual private networks (VPNs), IPsec, SSL/TLS, LDAP and public key infrastructure (PKI) Familiarity with Docker, Kubernetes and AWS CloudTrail.