The Cloud Security Engineer

Overview

On Site
Accepts corp to corp applications

Skills

Cyber Security
CISSP
CICD
AWS

Job Details

The OpportunityThe Cloud Security Engineer position at Ally is a member of the Information Protection and Risk Management team and works closely with other members of the IPRM program to identify, manage, and mitigate security risks at Ally.

The engineer is part of a broader team of security engineers reporting to the Director, Cloud Security who are responsible for developing, deploying, and integrating technical controls and tools to meet specific security requirements, as well as defining processes and standards to ensure that security configurations and tools are maintained.

This is a project focused resource within the organization and will focus on designing and implementing both technologies and governance processes focused on our cloud platforms.

This resource will have potential opportunity to transition into a longer-term engagement to continue to mature and improve the SaaS security service.The Work ItselfDefine and mature cloud-focused security policies and controls (governance, processes, frameworks)Identify, Implement, and Operationalize security technologies and processes to improve visibility and reduce riskLeverage data analytics to influence our cloud security posturePartner with other technical leaders throughout the organization to refine and mature Allys security posture for cloud-based technologies and platforms, as well as identifying and maturing our application security capabilitiesConsult with project teams to ensure that platform architecture has proper security controls in place (focused on Cloud Providers SaaS engagements)Engage as needed in other Cloud Security efforts where skills may overlap Cloud Platform Security and DevSecOps Pipeline SecurityThe Skills

You BringDemonstrated technical expertise in two or more technology areas (compute, storage, network, data, etc)

Experience as a software developer with knowledge of automation, Infrastructure as Code and DevOps CICD tools and processesStrong background in information security practices, controls, and governance (CISSP, CCSP, CCSK, andor cloud provider security certification, andor degree concentrationfocus in information security preferred)5 years of experience as a technical resource within an IT organization (enterprise matrixed organization preferred)2 years of experience with cloud platforms (operational experience preferred for AWS, Azure, Google Cloud Platform, etc)

Strong soft skills builds partnerships, translates complexities into simple terms, ability to maintain focus on objectivesHighly proficient in drafting technical documents processprocedures, standardspolicies, architectures, etc).

This is a hybrid in-office position that requires minimum three days on site in either our Charlotte or Detroit officeThe current three day in-office requirement is subject to change without notice at any timeThis position is not eligible for full time remote work now or in the future

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.