Security Cloud Engineer

• Support engineer for customers, as well as the more junior members of the team.
• Work with the customer and lead architect on designing and implementing Virtual Private Cloud VPC environments, including compute, storage, database, networking, security etc. in the CSP ecosystem.
• Deep technical expertise across multiple technical domains including cloud computing, security, identity and access management and IT infrastructure.
• Strong technical knowledge on AWS Infrastructure & security services (EC2, ELB, Guardduty, Config, Inspector, Security Hub, RDS, Route53, S3, vpc, vpn, tgw, cloudwatch, cloudtrail, eventbridge, etc.).
• Hands on experience in terraform IaC deployments and ability to implement security automation.
• Strong experience working on enterprise security solutions such as WAF, IPS, DDOS, and SIEM.
• Good technical experience managing products like Splunk enterprise security, Tenable Nessus, PaloAlto firewall, Cortex XSOAR.
• Cloud security knowledge in the areas of CSPM, Endpoint security solutions and Vulnerability Management.
• Familiarity with DevSecOps tools and processes, and CI/CD systems.
• Experience with cloud containers and/or Kubernetes security best practices.
• Good understanding of security controls related to regulatory requirements, such as NIST, PCI, ISO 27001, HIPAA compliance etc.
• Deploy/Manage CSP environments including VPN solutions between regions and subnets.
• Manage CSP Image architecture including the development of machine templates and blueprints.
• Leading junior team members through deployment and implementation of systems infrastructure projects and overseeing the Cloud environments based on customer requirements.
• Validation to ensure that the environment meets all security and compliance controls.
• Creating knowledge articles and run books for solutions developed.
• Architecture certification (Google, Amazon, Azure) from a major cloud platform.
• Information Security Certification is a plus: ISO 27001, CISSP or CISM or other equivalent.
• Experience working on FedRamp compliant projects is a plus.
• Experience working in 24x7 Operations and Managed Service model, supporting external customers.
• Long working knowledge and experience of AWS (Azure and Google Cloud Platform optional) Services and Offerings such as Infrastructure, Networking, Messaging, Application Services, Migration Services, Cost Management Platform.
• Working knowledge of Configuration Management (Ansible preferred) Continuous Integration Tools (GitLAB, GitHub, Jenkins).
• Can work autonomously, deliver with minimal supervision from a set of requirements.
• Prior experience provisioning and spinning up Kubernetes Clusters and managing Kubernetes installations.
• Hands on Terraform experience.
• Ability to function in an agile-based environment and provide good daily feedback on team stand-up call.
• Proven experience of Security and Vulnerability management and related tools (OKTA, Tenable, TrendMicro, XSoar, CyberARK).
• In depth knowledge of UNIX/Linux and Windows Environment.
• End to End configuration & trouble shooting of the web and application servers (Nginx, Apache, Tomcat, IIS).
• Production experience to build scalable systems (load balancers, memcached, master/slave architectures).
• Experience supporting a managed services infrastructure (Public cloud).
• Prior work with Cloud Monitoring tools (Dynatrace preferred, DataDog, Nagios, Cacti, CloudWatch, Gnaglia, etc.).
• Experience with Docker, Kubernetes, Mesos, NoSQL databases (DynamoDB, Cassandra, MongoDB, etc).
• Other Open-Source tools used in the infrastructure space (Packer, Terraform, Vagrant, etc.).

Custom Skill Requirements:

1. Sr. Cloud Engineer
2. Sr. Security Cloud Operations Engineer
3. AWS Infrastructure
4. FedRamp
5. Terraform