CLOUD INFORMATION SECURITY ENGINEER

Job Description

Job Description

Overview

Cloud Security Engineers are responsible for the secure operations of cloud infrastructure, platforms, and software, including the installation, maintenance, and improvement of cloud computing environments.

They also help develop new designs and security strategies across cloud-based and hybrid applications, infrastructure, platforms, and SaaS.

Leads the analysis, implementation, execution, and improvement of proactive security controls to prevent external threat actors from infiltrating company information or systems.

Conducts research and provides leadership updates regarding advanced attempts / efforts to compromise security protocols.

Maintains and reviews security systems while assessing security policies that control access to systems. Provides status updates and recommendations to the leadership team regarding the impact of theft, destruction, alteration, or denial of access to information.

Follows standard practices and procedures in analyzing situations or data.

This position reports to the Director of Information Security.

Responsibilities

The primary duties and responsibilities of the Cloud Security Engineer are :

• Assessing Existing Infrastructure and Identifying Threats.
• Providing recommendations on New Infrastructure and Threat Modeling to assist in stakeholder decisions.
• Developing, solutioning, operating, maintaining, and supporting a secure cloud environment with technologies including but not limited to : Servers, Storage, Network services, Enterprise applications, Cloud platform support, Automation, CI / CD, Managing cryptography and encryption, IAM, Threat Detection, Logging, PKI, SaaS, and PaaS.
• Monitoring for and responding to incidents in cloud environments.
• Keeping cloud infrastructure current, making recommendations, and continually improving cloud security technologies.
• Analyzing, designing, and developing programs, shell scripts, tests, and infrastructure automation capabilities.
• Develop security standards in partnership with Engineering, Infrastructure Services, and Application Development.
• Representing the cloud security team in change control activities and ensure proposed changes are in alignment with security best practices.
• Staying abreast with security standards and emerging vulnerabilities / threats to proactively resolve / remediate / mitigate.
• Engage in digital forensics to investigate breaches or security incidents in the cloud.
• Collaborate with Disaster Recovery and Business Continuity Teams and play a pivotal role in developing, testing, and refining disaster recovery plans tailored for cloud environments.
• Empower the Security Compliance and Data Protection Team to audit cloud environments to ensure compliance and pinpoint areas of improvement.

Using metrics and KPIs to drive and further Security Posture Initiatives.

• Establish and maintain a feedback mechanism where security measures are not only implemented but also refined based on feedback to enhance security protocols continuously.
• Performing other security team relevant duties and responsibilities as assigned.
• Participate in incident response activities as assigned.

Qualifications

• Experience in designing, deploying and operating secure cloud solutions, including design documentation, assessment of risk, cost impact, and proposal of savings.
• Experience with Cloud Security Posture Management, Cloud Workload Management, SaaS Security Posture Management, Cloud Network Security, Cloud Native Application Protection and Cloud Identity Security.
• Deep technical knowledge of on-prem Data Center technologies as well as Cloud Service, PaaS and SaaS Providers.
• Has experience writing formal security assessments and ad-hoc security reports.
• Experience working as part of a security incident response team as needed and key escalation point for all cloud related incidents.
• Experience delivering security metrics and measurement capability to demonstrate operational security posture.
• Experience in data protection and privacy management.

Skills Required

• Team player able to work effectively at all levels of an organization with the ability to influence others to move toward consensus.
• Clear ability to build strong relationships and establish trust with stakeholders at all levels.
• Excellent verbal and written communications skills. Multiple language abilities preferred fluency in English (written and spoken) required.
• Strong leadership skills with demonstrated ability to prioritize and execute in a methodical and disciplined manner.
• Ability to solve complex problems in a timely manner by working with multiple stakeholders.
• Ability to manage multiple tasks and work streams effectively.
• Ability to follow detailed procedures and processes with a high degree of accuracy.
• Customer-focused mindset, with demonstrated skill in managing expectations, providing proactive status updates, and producing high-quality work product.
• Deep understanding of Cyber Security control environments and their relationship to zero-trust networks.
• Display a keen ability to adapt to new tools, technologies, and evolving threat landscapes in the realm of cloud security.
• Experience in 3 or more of the following : network design, mobile security, network and firewall security technologies, SaaS / PaaS Security, vulnerability management or penetration testing.
• Flexibility to travel as required up to 15% overnight travel.

QualificationsExperience / Education / Certifications

• Bachelor’s degree preferred in Computer Sciences, Information Technology, Information Security or other related field
• Three (3) years or more experience with architecting and operating solutions involving one or more cloud service providers Microsoft Azure, AWS, GCP, etc.
• Five (5) years of Cyber Security related work experience
• Practical knowledge of any combination of Payment Card Industry (PCI), GDPR, NIST standards, or ISO27000 series.
• At least one industry standard certification such as CCSK, CCSP, Certified Information Systems Security Professional (CISSP), or other Cloud Security certification.

IndeedSHRSS

LI-Hybrid

zipcorporate