Cloud Security Engineer

Description:

Business Initiative/Purpose: (Goal, Business Impact, Accomplishments from the work)

• Our Current Cloud security toolset is fragmented. This lack of cohesion leaves us more exposed to potential incidents. With-out tool consolidation, Client will experience higher spend cost, lack of centralized "source of truth" for cloud misconfigurations.

Bachelor Degree: (Required, Preferred or Not Required)

• Preferred.

Role Responsibilities: (what they will be doing)

Essential Duties and Responsibilities:

• Following is a summary of the essential functions for this job.  Other duties may be performed, both major and minor, which are not mentioned below.  Specific activities may change from time to time.
• Wiz Platform Deployment & Ownership.
• CSPM, CWPP, CI/CD Integration & Remediation.
• Alerting, Monitoring & Incident Response Integration.
• Remediation, Ownership & Continuous Improvement.
• Cloud Security Engineering & Architecture playbook creation.

Leadership, Strategy & Governance:

• Develop and maintain the technical IT/cyber capabilities including all phases of the software development lifecycle and software stack which includes threat modeling of application designs, static application security testing (SAST), software composition analysis (SCA), dynamic application security testing (DAST), and penetration testing.
• Lead efforts related to designing, planning, enhancing, and testing all Cloud cybersecurity technologies used throughout the enterprise including base-lining current systems, trend analysis, and capacity planning as required for future systems requirements and new technologies.
• Analyze information to determine, recommend, and plan the use of new Cloud information security technologies, or modifications to existing equipment and systems that will provide capability for proposed project or workload, efficient operation and effective use of allotted resources.
• Lead the implementation of new Cloud security technologies or integration of existing technologies including initial configuration, installation, change management, and operational handoff
• Use sophisticated analytical thought through models, testing, and experience to exercise judgment and identify innovative solutions.
• Responsible for technical support of Cloud security technologies providing expert problem analysis and resolution in a timely manner.
• Creation of CI/CD automation  leveraging Terraform for Cloud Security Services and Modules.
• Leads teams or projects with moderate resource requirements, risk, and complexity.

Must Have Skills/Prior Experiences: (Vendor should not submit any candidate that does not have these skills/prior experience.)

• Bachelor’s degree and eight years of experience in systems engineering or administration or an equivalent combination of education and work experience.
• Deep specialized and/or broad functional knowledge in applied enterprise information security technologies including but not limited to firewalls, intrusion detection/prevention systems, network operating systems, identity management, database activity monitoring, encryption, content filtering, and Mainframe security.
• Previous experience in leading complex IT projects.                      .                                            .

PlNice to Have Sklls/Prior Experiences: (Hiring Manager DOES NOT require these skills/ prior experience. However candidates with any of these will be looked at first.)

• 10+ years Cloud Security experience.
• 6+ years securing AWS/Azure/Google Cloud Platform.
• Deep expertise in Wiz platform.
• Strong experience with CSPM, CWPP, CI/CD security.
• Strong automation and scripting background.
• Experience in Global 100 or Fortune 50 environments.
• Wiz Architect/Practitioner certifications.
• AWS/Azure/Google Cloud Platform security certifications.
• Banking or financial services experience.
• Other security certifications (e.g. CCNA Security, GSEC, GCED, GPPA, etc.).
• Other technical Certifications (e.g. CCNA, RHCE, MCSE, etc.).
• Certification in Information Security Management (e.g. Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC) or Certified Information Security Manager (CISM)), or related security certification(s).                   

EEO:
“Mindlance is an Equal Opportunity Employer and does not discriminate in employment on the basis of – Minority/Gender/Disability/Religion/LGBTQI/Age/Veterans.”