Overview
On Site
Full Time
Skills
Cloud Architecture
Evaluation
Microsoft Azure
Google Cloud
Google Cloud Platform
SIEM
Articulate
Technical Drafting
Dashboard
Operational Efficiency
Scripting
Architectural Design
Risk Management
Sarbanes-Oxley
System On A Chip
PCI DSS
FFIEC
Gramm-Leach-Bliley Act
Testing
Threat Modeling
Security Analysis
Microsoft
SAP BASIS
Communication
Management
Amazon Web Services
KPI
Reporting
Cloud Security
Incident Management
Regulatory Compliance
Documentation
Auditing
Collaboration
Cloud Computing
Security Controls
IaaS
Job Details
Cloud Security Engineer
The Cloud Security Engineer plays a vital role in supporting Comerica's cloud security posture by assisting in the monitoring, analysis and protection of cloud-based infrastructure and services. This role will involve working with cloud security tools, including AWS GuardDuty, CloudTrail, CloudWatch, CNAPP.
This role will also develop and implement security processes and solutions that protect our cloud environments. The incumbent will be responsible for the ongoing assessment and compliance with required security guidelines across our enterprise computing landscape, ensuring robust security measures are in place.
Position Responsibilities:
Cloud Security Monitoring
Security Automation & Tools Implementation
Risk Management -- Compliance and Regulatory Adherence
Administration and Communication
The Cloud Security Engineer plays a vital role in supporting Comerica's cloud security posture by assisting in the monitoring, analysis and protection of cloud-based infrastructure and services. This role will involve working with cloud security tools, including AWS GuardDuty, CloudTrail, CloudWatch, CNAPP.
This role will also develop and implement security processes and solutions that protect our cloud environments. The incumbent will be responsible for the ongoing assessment and compliance with required security guidelines across our enterprise computing landscape, ensuring robust security measures are in place.
Position Responsibilities:
Cloud Security Monitoring
- Perform Cloud focused investigations by analyzing logs and services relevant to the underlying cloud service provider.
- Design, implement and support secure cloud architecture across various platforms (e.g. AWS, Azure, Google Cloud Platform).
- Support cloud scanning and monitoring coverage evaluation on AWS, Azure & Google Cloud Platform.
- Process SIEM tools enhancement requests, support design, build, test and deploy.
- Support development, documentation, and maintenance of operationally effective playbooks to deal with Cloud-based incidents.
- Clearly and concisely articulate any recommendations that arise from investigative activities and converse confidently with both technical and non-technical stakeholders as needed.
- Assess and recommend cloud security best practices, tools, and technologies.
- Propose changes to the technical design solutions as applicable.
- Maintain detailed documentation for procedures and incidents.
- Prepare and present regular security reports and dashboards to management.
Security Automation & Tools Implementation
- Develop and integrate automated security solutions to ensure sufficient coverage, improve operational efficiency and reduce manual intervention.
- Develop and maintain automated security processes and scripts to streamline cloud security operations.
- Work closely with other functional infrastructure areas/departments on multiple initiatives to meet organizational/business goals & objectives.
- Participate in planning guidance on short term & long-term planning to meet ongoing business & operational needs.
- Participate in and contribute to project teams on architectural, design development, integration opportunities, planning of complex systems & assures it is aligned to our established strategies, guiding principles, rationales & practices.
Risk Management -- Compliance and Regulatory Adherence
- Ensure the cloud infrastructure complies with industry regulations (e.g. SOX, SOC 2, PCI-DSS, FFIEC, GLBA).
- Participate in audits and assessments related to cloud security and compliance.
- Participate in audits and assessments to ensure that cloud environments meet security standards and regulatory compliance requirements.
- Participate in testing and analysis of procedures and systems to prepare for emergencies.
- Actively participate in threat modelling of new services/capabilities, readiness exercises such as purple team, and tabletops.
- Security assessment with AWS, Microsoft and other 3rd party vendors as needed.
- Support the process to assess and create monitoring rules within the CNAPP tool that follow existing integrated procedures and provide updates on a recurring basis.
- Provide evidence of controls that the policy gaps are now being monitored.
Administration and Communication
- Security tools administration. Configure and manage cloud native tools like AWS GuardDuty, AWS Security Hub.
- Metrics and KPI tracking and reporting on cloud security performance, such as incident response times, policy compliance.
- Maintain detailed security documentation and reports for internal and external stakeholders, including audit reports, formulating procedures.
- Collaborate closely with cloud engineering teams to integrate security controls into the cloud infrastructure and development pipelines.
- Develop designs for projects that have low to medium complexity.
- Other duties as assigned.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.