Senior Security Engineer-Cloud

Position Summary:

AAMVA’s Security team is looking for a highly motivated, self-starter, certified senior security engineer, who enjoys the challenge of working in a fast pace environment.  The engineer will be primarily tasked with the implementation of security in the Microsoft Azure cloud using code and automation.  The engineer will join a team of skilled engineers and become a key contributor to the Security DevOps practice.  The engineer must be comfortable with scripting, and possess a broad understanding of cloud technologies, including containerization. The engineer must be detailed oriented, security minded and highly reliable.

Essential Duties and Responsibilities: 

• Implement and support security operations of production workloads in Microsoft Azure using code and automation
• Key contributor to the Security DevOps practice
• Conduct security analysis, troubleshooting, and threat hunting as required
• Participate or conduct security reviews
• Conduct security continuous monitoring activities and internal security compliance audits
• Participation in the development and maintenance of security standards, procedures and knowledge based articles
• Participate in an on-call rotation schedule
• Propose and implement as pertinent, new security solutions to address AAMVA future security challenges, conduct proof of concept
• Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks 

Direct Reports to this Position: 

• None

Qualifications:

Formal Education: 

• Bachelor’s degree
  • College level courses and/or equivalent work experience may be substituted
• General security certifications such as CISSP, CISM, CISA or equivalent
  • Ability to obtain the certification within 3 months of starting
• Technical certifications: AZ-500 Microsoft Azure Security Technologies or equivalent
  • Ability to obtain the certification within 3 months of starting

Knowledge, Skills and Abilities Required: 

• Six to eight years of experience in supporting Windows environment in a Systems Engineer or Security Engineer capacity
• Strong technical knowledge and solid hands-on experience in securing a Windows environment
• Solid understanding of all common security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, PKI, SIEM, DLP, etc.
• Strong experience with scripting languages, preferably PowerShell, JSON
• Solid understanding of network concepts and network monitoring tools such as Wireshark
• Excellent communication skills, written and oral
• Excellent inter-personal skills: ability to interact and get along well with all layers of personnel
• Excellent problem-solving skills and ability to work under pressure
• Practical experience with developing and present technical documentation such as architecture diagrams
• Experience working in highly regulated environments (NIST SP 800-53, ISO 27001…) is a plus
• Experience with AKS, Azure security constructs (e.g. Azure policies), and other is a definitive plus.
• Experience with Git and other DevOps toolsets is a plus
• Experience with Linux and Linux security is a plus
• Working knowledge of FISMA and/or NIST publications is a plus
• Ability to adapt quickly to new technologies and changing business requirements
• Flexible schedule allowing to work outside of standard business hours when necessary
• United States citizenship required

Disclaimer Statement: The preceding job description has been written to reflect management’s assignment of essential functions. It does not prescribe or restrict the tasks that may be assigned.

 AAMVA is an Equal Opportunity Employer—M/F/D/V