Overview
Skills
Job Details
No third parties please !
Our client is in the infancy stages of a AWS migration effort and is seeking a Cloud Security Engineer who will be responsible for reducing cloud security risk by taking a quantifiable risk-based approach to cloud security guardrails, monitoring, and processes and strengthening the security controls required by oversight agencies and companies. The Cloud Security Engineer will assist team members in various aspects of cloud security such as cloud threat modeling, cloud security best practices recommendations, and cloud security configurations.
Responsibilities include:
(1) Cloud Security (85%)
Provide guidance on the security analysis of cloud services, APIs, and log payloads to ensure adherence to organizational policy and best practice.
Analyze cloud cybersecurity requirements, technologies, risks, and issues.
Partner with cloud engineering teams to establish security baselines and best practices.
Provide security guidance to cloud engineering teams encompassing perimeter, misconfigurations, asset visibility, policies, container, patching cadence, and vulnerability scanning.
Provide guidance on the selection, implementation, and ongoing monitoring of cloud security services including the design of reporting metrics.
Work with the information security team to develop and implement cloud security processes to track and report compliance and risk status to external agencies and customers, as appropriate.
Build, maintain, upgrade, and continuously improve cloud-based security systems.
Architect and implement security controls for AWS-hosted applications and multi-tenant environments (Azure)
Design and maintain secure infrastructure patterns using Infrastructure as Code
(2) Incident Response (10%)
Participate in incident response activities under the guidance of IT leadership and Manager, Information Security Risk Management Operations
Create, automate, and maintain cloud security incident response playbooks
Improve automated threat detection and response capabilities
Improve automated threat detection and response capabilities
Lead cloud security incident investigations and response efforts
Participate on the company Security Incident Response Team; and, on the Infrastructure Security Vulnerability Work Group.
(3) Continuous Improvement (5%)
Actively and passively seek feedback from business customers.
Support and help implement continuous process improvements.
Bachelors degree in computer science, Information Technology, Cybersecurity or related field.
A minimum of 7 years- experience working in a cloud environment on security projects related to government and other regulatory requirements
Required certification: CISSP
Preferred certifications: AWS Certified Security Specialty, CCSP, any similar AWS cloud certifications
Required knowledge of regulatory requirements: FEDRAMP & AWS Shared Responsibility Matrix (Required)
One or more of the following regulatory requirement is preferred: FIPS, FISMA, NIST, HIPAA, HITECH, Privacy Act, ISO, OWASP, SOX, GLBA, PCI, and State Laws on Cybersecurity.
At least 4 years of direct hands-on professional experience working with AWS security and cloud tools. Security Hub is required, along with services Inspector and EC2. Nice to haves include: GuardDuty, Detective, IAM.
Experience with DevSecOps and shift-left security principles, including the implementation of automated security tools.
Knowledge of Threat modeling and ability to perform Cloud Security Risk Assessments.
Good understanding of IAM, CI/CD Pipelines, CloudFormation, and IoC concepts within AWS environment.
Experience implementing and deploying MFA, Conditional Access Policies, and Identity Risk Policies.
Apply today for immediate consideration !! I look forward to hearing from you !!