Senior Cyber Security Engineer, Cloud and CI/CD Pipeline Security

Senior Cyber Security Engineer, Cloud and CI / CD Pipeline Security Senior Cyber Security Engineer, Cloud and CI / CD Pipeline Security

Overview

Reporting to the Head of Cybersecurity Engineering Services, the position will be responsible for the maintaining of and continuous improvement to Guardian's security infrastructure.

The individual will be challenged with working across a heterogeneous cross functional technology stack, delivering on key projects, performance enhancements, innovation, and responding to escalated security technology issues.

The Guardian Cyber Security Engineering team engineers, builds and owns a broad variety of cutting-edge security controls that fall in the domains of Network, Endpoint, Data, Identity, Cloud and Application security within the Secure CI / CD Pipeline and are deployed within SAAS, PAAS, Private and Public IAAS environments.

The Team is also responsible for ensuring efficiency, effectiveness, and resiliency of the said controls.

The team assesses and prioritizes the modernization and effectiveness of Guardian's cyber security technology. The Security Engineering team partners with other Guardian cyber security and technology service teams & suppliers to build effective protective / detective controls, ensure their efficient and highly available operations, designs Security Monitoring and Response Use Cases with the goal to create robust countermeasures.

The selected team member will follow a Secure DevOps methodology to support infrastructure as code that aligns with Guardian's strategy to shift-left and be proactive in remediating potential misconfigurations and vulnerabilities within thepany's CI / CD pipelines.

You Are :

• A seasoned and experienced engineer who can translate mission, objectives, and goals into well-sequenced technical activities and who strives to get technology operating efficiently, reliably, by requiring the minimum of human intervention.
• Someone who thrives to partner & collaborate across thepany to deliver outstanding service to our internal business and technology colleagues by endorsing and promoting thepany's values, goals, and success factors.

You Will :

• Design, implement, operationalize, and maintain cutting-edge Cloud, Pipeline and Application security technologies on-premises and in the Cloud.
• Perform risk andpliance self-assessments; identify, document, and remediate risks associated with defects in the current implementation or limitations of the above security controls.
• Conduct vendor and product feature assessments and proof of concepts to help Guardian maintain the best-in-class cyber security technology portfolio.

Partner with other technology teams to define and implement Guardian cyber security strategy.

• Design and operationalize, through code development, the automated workflows for response to operational issues and for deployment of configuration changes.
• Partner with other technology teams to enhance Guardian CI / CD Pipeline with additional security controls and to broaden the self-service capabilities of Guardian Cloud environment.
• Resolve escalated service issues and coach other engineers on troubleshooting efforts.
• Partner with other technology teams in handling and responding to internal customer issues, conducting problem analysis, providing solutions for service level improvements, and ensuring timely remediation of security issues in accordance with corporate policies and standards.
• Provide advisory consulting services on the topics of cloud, pipeline and application security to the leadership, partner teams, internal customers;

work withpany suppliers on product enhancements.

• Enhance existing and develop new processes, procedures, and baselines with respect to cyber security and the use and operation of information systems.
• Support internal and external audit andpliance reviews, lead the team on gathering requirements and evidence, and provide timely responses.
• Drive initiatives to grow the cyber security mindset and best practices across thepany, with an emphasis on gaining measurable results

You Have :

• Intellectual curiosity and proven record of spotting anomalies and inconsistencies and identifying creative solutions to resolve security control deficiencies and to optimize performance.
• Strong analytical, critical thinking, and problem-solving skills, to assess the level of risk and potential impact of sub-optimal implementation of security controls to mitigate new cyber threats and reduce attack surfaces to the enterprise.
• Understanding of configuration best practices and performance baselines.
• 5+ years of experience with implementing and operating Cloud Security controls in the domains of Network, Endpoint, Data, and Identity Security.
• Knowledge of CI / CD pipelineponents and the integrations with the various security controls; knowledge of GIT.
• Working knowledge of Python, Terraform, programming and operating of Jenkins.
• Proven ability to interpret and correlate the data produced by various event sources network security devices, operating systems, web servers, Public Cloud IaaS, endpoint security agents, etc.
• Ability to further develop DevSecOps skillset to implement various security controls, define infrastructure as code, deploy cloud-based security services.
• Working knowledge of using an enterprise-grade SIEM to build dashboards, alerts, and reports.
• Strongmunication and documentation skills; ability to develop reference documentation, network diagrams, standard operating procedures, process workflow and decision tree diagrams.
• Excellent organizational skills. You are detail-oriented and have an ability to manage and follow up on multiplepeting priorities effectively.
• Customer-focused demeanor; excellent interpersonal skills and a sense of humor.
• Bachelor's degree in information technology or any STEM discipline; master's degree is preferred.

Nice to have

• Developer-level knowledge of some of the following technologies : Puppet, Ansible, Splunk Phantom, Active Directory Group Policy.
• Experience with consuming vendor APIs.
• Knowledge of Microsoft Windows PowerShell.
• Recognized Security Industry and Public Cloud IaaS certifications (AWS, Azure, GCP).
• Familiarity with security industry standards and best practices (NIST 800-53, ISO27001, NIST CSF, HITRUST, NYDFS-Cybersecurity, HIPAA, FedRAMP, OWASP, etc.)
• Familiarity with ITIL; experience with incident, problem, change, and risk management.

Location & Travel :

2 days a week at our offices in Holmdel, NJ, Bethlehem, PA, Stamford CT and New York, NY

Salary Range

$114, - $187,

The salary range reflected above is a good faith estimate of base pay for the primary location of the position. The salary for this position ultimately will be determined based on the education, experience, knowledge, and abilities of the successful candidate.

In addition to salary, this role may also be eligible for annual, sales, or other incentivepensation.

Our Promise

At Guardian, you'll have the support and flexibility to achieve your professional and personal goals. Through skill-building, leadership development and philanthropic opportunities, we provide opportunities to buildmunities and grow your career, surrounded by diverse colleagues with high ethical standards.

Inspire Well-Being

As part of Guardian's Purpose - to inspire well-being - we aremitted to offering contemporary, supportive, flexible, and inclusive benefits and resources to our colleagues.

Health Care

• Choice of high deductible / copay medical plans* with prescription drugs, including coverage for fertility and transgender inclusive benefits
• Dental plan
• Vision plan
• Health care accounts - flexible spending, health reimbursement, and health savings accounts
• Critical illness insurance

Life and Disability Insurance

Accident insurance

Retirement and Financial

401(k) retirement plan with apany match, plus an annual age / service-basedpany contribution and an annual profit-sharing contribution, if applicable

Time Off and Remote Work

• Flexible work arrangements (part in-person / part remote)
• Unlimited paid time off for most roles plus time off for volunteering, jury duty, voting, and bereavement
• Personal holidays for colleagues to use in recognition of religious, cultural, or civic days
• Paid parental leave and paid family and medical leave policies

Emotional Well-being and Work-Life

• Emotional well-being, mental health, and work / life resources powered by Spring Health
• Wellness programs, including fitness program and equipment reimbursement
• Child, adult, and elder back-up care support through Bright Horizons
• Adoption assistance
• College planning
• Tuition reimbursement
• Student loan assistance

Equity & Inclusion

Opportunities to build inclusive and meaningful connections through involvement in colleague-led affinity groups :

• Employee Resource Groups :
• Colleague Connectionmittees

A culture that encourages colleagues to bring their authentic selves to work

• Voluntary self-ID
• Pronunciation and phonetic spelling of names

Benefits apply to full-time eligible employees. Interns are not eligible for mostpany benefits.

Equal Employment Opportunity

Guardian is an equal opportunity employer. All qualified applicants will be considered for employment without regard to age, race, color, creed, religion, sex, affectional or sexual orientation, national origin, ancestry, marital status, disability, military or veteran status, or any other classification protected by applicable law.

Amodations

Guardian ismitted to providing access, equal opportunity and reasonable amodation for individuals with disabilities in employment, its services, programs, and activities.

Guardian also provides reasonable amodations to qualified job applicants (and employees) to amodate the individual's known limitations related to pregnancy, childbirth, or related medical conditions, unless doing so would create an undue hardship.

If reasonable amodation is needed to participate in the job application or interview process, to perform essential job functions, and / or to receive other benefits and privileges of employment, please contact applicant amodation@glic. Job ID R000103289