Search jobs > Orlando, FL > Cloud security specialist

Cloud Security Specialist

CUES, Inc.
Orlando, FL, United States
Full-time

Cloud Security Specialist

Location :

Orlando, Florida (FL), US

job-location.job-location-inline display : inline;

Building the people that build the world.

With platforms in HVAC and Detection and Measurement, SPX Technologies builds innovative solutions that enable a safer, more efficient, sustainable world.

Through our RiSE talent development framework, we Reach, Identify, Strengthen, and Engage our employees to support them in their continued development.

We're a global company of problem solvers, collaborators, and innovators, and our businesses build solutions that impact the world.

As part of Detection and Measurement, CUES is the world's leading developer of water, wastewater, and storm water inspection equipment.

With CCTV cameras, pre-built vehicles, and software for pipeline inspection and rehabilitation, we improve the safety and reliability of our water infrastructure systems.

How you will make an Impact (Job Summary)

SPX is a diverse t eam of unique individuals who all make an impact. As a Cloud Security Specialist, you will direct and guide all matters related to security architecture design for our established commercial Cloud SAAS application.

You will also serve as the subject matter expert for secure cloud technology design, secure development, and implementation within the CUES software division.

What you can expect in this role (Job Responsibilities)

While each day brings new opportunities at SPX, your core responsibilities will be :

  • Software Security & Design
  • Creating and maintaining security strategy plans and roadmaps.
  • Influencing ongoing planning and execution with measurable benchmarks to show progress or deficiencies.
  • Assessing cloud security risks to establish a baseline gap analysis and ensure security roadmap is designed to meet business requirements.
  • Assisting the Implementation team with migrations from on-prem systems to the cloud platform while establishing a high level of security and compliance.
  • Collaboration & Support
  • Developing and executing strategies to mature the security of our commercial application
  • Maintaining security updates released by AWS to mitigate risks.
  • Providing evolving expertise on security-related issues to CISO-level constituents.
  • Actively participating in architecture forums to champion our product differentiation and security methodology for successful account acquisitions.

3. Continuous Improvement :

  • Documenting all application-specific controls to prepare for SOC2 audit using AWS and 3rd party tools.
  • Ensuring that audit and security logs are collected and shared with the DevOps team for triage, analysis, and incident response with SOC2.
  • Reviewing and improving cloud related policies, standards, and guidelines to ensure security is designed and delivered to meet commercial requirements and SOC2 compliance.
  • Serving as mentor to the CloudOps implementation specialists and analysts.

What we are looking for (Experience, Knowledge, Skills, Abilities, Education)

We each bring something to the table, and we are looking for someone who has :

Required Experience

  • 6+ years' experience with hands-on Security Architecture and / or Engineering.
  • 5+ years' experience with Amazon Web Services (AWS) and / or Microsoft (MS) Azure.
  • 3+ years deploying security strategy and implementation, including the deployment of Security Tools within an AWS ecosystem (Conformance Packs, Foundations Benchmarks, Audit Manager, etc.

Network IPS / IDS, Identity and Access Management (IAM), Zero Trust, Security Access and Service Edge (SASE) and Security Frameworks and Methodologies, and Threat Hunting and Modeling.

  • Hands on expertise with AWS Security Tools including : - AWS Config, CloudTrail, Security Hub, Inspector, Audit Manager, Systems Manager, WAF, etc.
  • Experience architecting SIEM systems, threat intelligence platforms, security automation and orchestration solutions, IDS / IPS, file integrity monitoring (FIM), data loss prevention (DLP) and other network and system monitoring tools

Preferred Experience, Knowledge, Skills, and Abilities

  • SaaS, IaaS, and PaaS architectural solutions within Amazon Web Services
  • Cloud, DevSecOps, Container Security, IAM patterns, WAF / CDN / DDoS services, security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies
  • Working knowledge of security architecture methodologies like SABSA, OSA, O-ESA, security framework and standards like NST CSF, ISO, PIC, SOC2, and best practices like CIS benchmarks, defense in depth.
  • Experience working through SOC 1, SOC2 certification process / report preparation
  • Experience with data protection, cryptography, key management, SAML, AWS Cognito, OKTA, DUO
  • Broad knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems such as Securonix Next Gen, intrusion detection / prevention systems (IDS / IPS) such as Securonix Cloud Ingestor, public key infrastructure (PKI), antivirus and firewalls, in addition to newer offerings such as endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, deception technologies and application controls
  • Experience performing threat modeling and design reviews to assess security implications and requirements for introduction of new technologies

Education & Certifications

  • Bachelor's degree in Computer Science or related field
  • Master's degree in Information Security, a plus
  • AWS Certified Solutions Architect
  • AWS Certified Security - Specialty
  • ISC2 Certified Information Systems Security Professional (CISSP)
  • COMPTIA Advanced Security Practitioner CE (CASP CE 2023)
  • Microsoft Certified Solutions Expert (MCSE) Cloud Platform and Infrastructure
  • Certified Ethical Hacker (C EH)
  • COMPTIA Security+ CE 2023
  • COMPTIA Network + CE 2023

Travel & Working Environment

  • 8AM - 5PM Monday - Friday
  • Up to 10% travel
  • Office Environment - ability to use computers and office equipment, light lifting and other physical requirements necessary to perform essential job functions.
  • Must be able to lift and carry 30 lbs. for at least 15 feet.

How we live our culture

Our culture is at the center of what we do and, more importantly, who we are. Our core values set a standard for how we manage ourselves, and our Leadership Model sets the standard for how we engage with each other.

Whether you are an individual contributor or you lead a large team, each of us leads at SPX.

What benefits do we offer?

We know that the well-being of our employees is integral. Our benefits include :

  • Generous and flexible paid time off including paid personal time off, caregiver, parental, and volunteer leave
  • Competitive health insurance plans and 401(k) match, with benefits starting day one
  • Competitive and performance-based compensation packages and bonus plans
  • Educational assistance, leadership development programs, and recognition programs

Our commitment to embrace diversity to build a culture of inclusion at SPX

We value different backgrounds, experiences, and voices at SPX, and we are committed to challenging ourselves, openly communicating, and striving to improve every day.

We believe in creating an inclusive work environment where everyone has a voice and is encouraged to realize their fullest potential.

SPX is an affirmative action and equal opportunity employer committed to making selection decisions without regard to race, color, religion, sex, sexual orientation or identity, national origin, age, disability, veteran status, or any other legally protected basis.

4 days ago
Related jobs
Promoted
CUES, Inc.
Orlando, Florida

Cloud, DevSecOps, Container Security, IAM patterns, WAF/CDN/DDoS services, security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies. Broad knowledge of traditional security controls and technologies, such as Security Information and Event Managemen...

Adaptive Solutions Group
Orlando, Florida

AWS Cloud Engineer- Security Specialist. Works with management to implement cloud security policies, procedures, and controls to protect the company’s data and infrastructure in AWS. Implement and manage AWS Security tools like Security Hub, GuardDuty, Inspector, Service Control Policies, and C...

Promoted
KPMG
Orlando, Florida

KPMG is currently seeking a Senior Specialist to join our Federal Advisory practice. Federal Government Secret Security Clearance. ...

Promoted
Buildertrend
Orlando, Florida
Remote

Security Engineer or Cloud Engineer, with a focus on public cloud security and network security required. Work closely with Cloud Engineers and Site Reliability Engineers to implement and manage advanced security technologies and tools on public cloud platforms, such as identity and access managemen...

Promoted
APS Consultants Inc
Orlando, Florida

On the horizon is events at the Convention Center, Security hours at construction sites, Security work at several other buildings downtown. Employment is dependent on Florida licensing(Security only), pre-employment background check (Event Staff Only) and random drug testing (Both Security and Event...

Promoted
MagnoSec, Corp.
Orlando, Florida

Are you a dedicated professional looking for a rewarding career in security? We're seeking committed Security Officers to join our team in Orlando. As a Security Officer with us, you'll play a crucial role in maintaining the safety and security of our premises, assets, and personnel. Your re...

Promoted
Nmble
FL, United States

Our client is hiring an Application Security Engineer focused on application security, DevSecOps best practices, and upholding the company's security standards. Application security experience within banking. ...

Promoted
Bluebird Staffing
FL, United States

The Senior Security Analyst will also serve as a subject matter expertise to departments on issues of Information Security, including technical guidance and training, and designs and implements programs for user awareness, compliance monitoring, and security compliance. We are seeking an Advanced Se...

Promoted
TWO95 International, Inc
Orlando, Florida
Remote

Title: Cloud Infrastructure DevOps Engineer. Have an engineering and an automation first mindset. ...

Promoted
InterEx Group
FL, United States

We are seeking a skilled Network Engineer with a strong focus on RingCentral to join our team. As a key member of the IT team, you will work closely with other engineers, support staff, and business leaders to ensure the efficient and effective delivery of network services. Troubleshoot and resolve ...