Cloud Security Engineer

Overview

Remote
Full Time
Part Time
Accepts corp to corp applications
Contract - W2
Contract - Independent

Skills

Science
Hardening
Risk Analysis
Articulate
DLP
Security Controls
Reporting
Regulatory Compliance
Computer Science
Information Systems
IT Infrastructure Management
IT Infrastructure
Software Architecture
Risk Management
Data Architecture
Middleware
IT Operations
Project Management
Load Balancing
Dragon NaturallySpeaking
DNS
TLS
SSL
SAML
Kerberos
Multi-factor Authentication
Identity Management
Microsoft Azure
Amazon Web Services
Google Cloud
Google Cloud Platform
Internet
Cloud Security
Scripting
Python
Bash
Windows PowerShell
Microsoft Windows
Linux
OS X
Documentation
Attention To Detail
Data Loss Prevention
Information Security
Computer Networking
Firewall
Cyber Security
Software Development
SIEM
SSO
Palo Alto
Proxies
Endpoint Protection
Management
Policies and Procedures
Asset Management
Cloud Computing
Vulnerability Management
Organized
Analytical Skill
Problem Solving
Conflict Resolution
Decision-making
Communication
Collaboration

Job Details

Client - state of NY, Remote role

SCOPE OF SERVICES

The Cloud Security Engineer will work closely with private sector partners and City Agencies to ensure the efficacy of OTI / Cyber Command's defense technologies.

The candidate will bring together business owners, incident responders, and other members of the Security Sciences team to creatively solve complex challenges with engineering solutions.

They will be proficient in the management and use of IAM, CASB, and SSE solutions, Zero Trust principles, MS 365 best practices and hardening.

TASKS:

The Cloud Security Engineer will:

Perform organization wide cybersecurity cloud security risk analysis and articulate identified risks within the agency.

Create, socialize and obtain approval for cybersecurity strategy and plans to address generic and specific cybersecurity risks to the agency

Create and follow a process to track progress against engagements with the agency

Create reporting matrix for identified assessment risk to collect communication flow information, and build high level and low-level documents

Work on CASB and Cloud DLP, interact with vendor support teams, and drive the deployment to resolution

Translate compliance requirements into specific security controls and present compensating security controls

Report to upper management on current cybersecurity posture and progress on mitigating identified risks

Create metrics to measure cybersecurity controls efficacy

Monitor and respond to risk identified to aid the agency on resolution

Review and optimize existing cybersecurity controls

Ensure the organization compliance with cybersecurity best practices, policies and standards

Enforce Cloud security standards

Analyze vulnerabilities and work with the various teams to ensure timely remediation and validation

Instruct and guide other teams to craft "secure by default" infrastructure; they may also investigate, build, and recommend innovative technologies or other methods that will improve the security of cloud-based and on-premises environments

MANDATORY SKILLS/EXPERIENCE

Bachelor's degree in computer science, Information Systems or equivalent work experience

At least 12 years of experience in information security

At least 8 years in IT infrastructure management, application architecture, risk management, data architecture, middleware technology, and IT operations and project management

At least 8 years of experience with networking, load-balancing, DNS, TLS/SSL digital certificates, SAML and Single Sign-on technologies, Kerberos, MFA technologies, and Identity management

At least 4 years of experience working in cloud environment (Azure, AWS, Google Cloud Platform)

At least 4 years of experience working in securing Internet-facing applications, utilizing MS Entra AD, MS Defender for Office, Skyhigh CASB and Cloud, SSE solutions

At least 4 years of experience working with tools and techniques for collecting and processing Telemetry and Security Event Data.

At least 4 years of experience architecting, deploying, and managing cloud security and/or EDR technology

Experience using scripting languages (Python, Bash, Powershell, etc.)

At least 4 years of experience with Windows, Linux, or MacOS administration

Experience working with vulnerability management and scanning tools

Experience working with application scanning tools

Strong documentation skills and attention to detail

DESIRABLE SKILLS/EXPERIENCE:

Experience deploying PAM solutions in a large, distributed environment or a service provider environment

Experience in implementing and operating Data Loss Prevention Systems

Experience of information security principles and practices, especially the implementation of practical technical controls to support organization policy

Strong understanding of networking protocols, firewalls, and cybersecurity protection concepts, including software development lifecycle, and compensating controls

Strong understanding of CIS controls

Experience with Syslog-NG, LogScale (Humio) or similar SIEM/log aggregation systems

Experience with SSO and IAM products and services such as Entra ID

Experience with NetSkope, Zscaler, Palo Alto Networks Prisma Access or similar cloud proxies

Familiarity with ZTNA/SSE products

Familiarity with CASB/SASE products

Experience with Cloud-based EDR/XDR tools

Experience working with vulnerability management and scanning tools

Experience working with application scanning tools

Knowledge of endpoint security management, configuration policies, and procedures

Experience with asset management and on-prem/cloud-based vulnerability management tools

Highly flexible/willing to learn new technologies

Highly organized with excellent analytical, problem solving and decision-making skills

Excellent communication and collaboration skills


Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.