Overview Position: Cloud Security Engineer Overview:
GreenSky is looking for a Cloud Security Engineer to join our Corporate Security Organization. This person should be someone with a strong engineering experience. The Security Engineer secures enterprise information by determining security requirements; planning, implementing, and testing security systems, tools and applications; preparing security standards and mentoring junior team members. This position will work cross functionally with other teams and help grow this capability within our SOC. This candidate will focus on securing our cloud environment and administrating Identity Access Management (IAM). The Engineer acts as an escalation point for troubleshooting security tools and for ticket escalation.Duties & Responsibilities
- Understand, detect and assist with remediation of security related vulnerabilities in the cloud.
- Set standards and administer IAM (Identity Access Management) on applicable applications and environments (public and private cloud).
- Review on a regular bases basis authorized access by investigating improper access; revoking access; reporting violations. Collaborate with infrastructure teams to implement, maintain, monitor and audit usage and secure storage of privileged credentials.
- Creation, management, and enforcement of IAM policies within AWS
- Ensure the security software of all endpoints within the corporate network, for remote users and for satellite offices is current and deployed appropriately to provide best available security protection.
- Ensure that Cloud Security and Security Access meets industry and regulatory compliance standards such as PCI, SOX, SOC 1, SOC 2, CCPA, and any other new regulation
- Plan, test and implement appropriate updates, deployments, and rollouts as needed to ensure the integrity of our cloud environment.
- Partner with the SOC to enable monitoring of log files, dashboards and other appropriate data sources to provide periodic management reporting and input to the life-cycle improvement process.
- Assist with Incident response and serve as escalation on security tickets.
- Any other duties deemed necessary by management.
- Bachelor's degree in Information Technology. An equivalent combination of education and work experience may be taken into consideration in lieu of a degree.
- Deep understanding of authentication and authorization using Active Directory, LDAP, 2FA/MFA, and SAML/SSO Minimum of 3-5 year's experience in information technology
- Experience in a AWS cloud environment. AWS certs preferred
- Experience with administration in IAM, MFA
- VMware ESXi Environment experience
- Advance TCP/IP Knowledge
- Threat Analysis
- Linux and Splunk experience a plus
- Exceptional verbal and written communication skills
- CISSP, CCNA, GIAC, GCIA, GCIH, GSEC, Security+ or similar certification desirable
- Operating systems and networking certifications desirable
- Knowledge of industry standards including PCI-DSS, SOX, ISO 27001, NIST
- Experience with firewalls like Palo Alto, Cisco, Linux iptables/netfilter
- Results oriented, willing to accept challenges dynamically and prioritize accordingly to business needs
- Availability to work non-standard hours during Maintenance Windows, Business Continuity, Disaster Recovery &/or security incidents
GreenSky is an equal opportunity employer and will not discriminate against any employee or applicant on the basis of age, color, disability, gender, national origin, race, religion, sexual orientation, veteran status, or any classification protected by federal, state, or local law.