Lebanon, NJ, Clinton, NY, NYC or GA - - up to 190k + or - also depends on location
The Cloud Security Engineer performs various functions, including being responsible for the overall implementation of security Cloud architecture within NYL. In addition, they will also helps to improve and develop new designs and security strategies across all types of cloud-based applications (including infrastructure, platform, and Software-as-a-Service.)
The Cloud Security Engineer will investigate and analyze existing NYL Cloud structures and create new and enhanced security methods that will enhance the security of NYL Cloud-based environments and design and deploy Cloud security technologies and processes to provide continuous improvement of the Cloud security capabilities of NYL.
The Cloud Security Engineer is responsible for keeping the infrastructure current, making recommendations, and participating in the implementation and continuous improvement of Cloud technologies and services in assigned information security domains.
The qualifications, core tasks, duties, and responsibilities of the cloud security engineer are listed in the job description below:
- Degree in Information Technology, Computer Science, Engineering, or related field is highly desirable. Advanced security certifications such as CISSP (Certified Information Systems Security Professional), and/or Cloud Certifications such as CCSP, CCSK, AWS-CSAA, or other AWS certifications or specialty certifications highly desired.
- At least 3-5 years of experience in providing security technology solutions as a Cloud Solutions Architect, Cloud Security Engineer, or Cloud Solutions Engineer or Architect.
- 3-5 years of experience working and securing AWS and its services such as EC2, Lambda, ELB, ECS, IAM, S3, RDS, CloudTrail, CloudFront, AWS Config, etc.
- Strong experience in security automation and tool development to secure the cloud
- Experience and knowledge of building security data analysis pipelines in the cloud using AWS Kinesis Firehose/AWS Lambda/AWS ElasticSearch
- Experience in docker containers and Kubernetes security such as pod-security policy, network security policy.
- Experience in developing infrastructure-as-a-code using Terraform, CloudFormation, CI/CD, GitHub.
- Experience in working with various AWS logs such VPC Flowlog, CloudTrail, S3, Route53, ELB, CloudFront, WAF, etc.
- Planning of the delivery of Cloud services and security solutions. Answering technical and procedural questions for less experienced team members, teaching improved processes, and mentoring team members.
- Determining Cloud security requirements by evaluating business strategies and requirements, researching information security standards, conducting system security and vulnerability analyses and risk assessments, studying architecture and platforms and identifying integration issues.
- Responsible for the thorough documentations of Cloud implementations, via technical documentation and run-books
- Responsible for input and feedback on Cloud security architectures
- Apply adept understanding and experience with systems automation platforms and technologies
- Partake in efforts that shape the organization' s security policies and standards for use in Cloud environments
- Interpret Cloud security and technical requirements into business requirements and communicate security risks to relevant stakeholders ranging from business leaders to engineers
- Influence multi-disciplinary teams in implementing and operating Cloud Cyber Security controls
- Collaborate with application developers and database administrators to deliver creative solutions to difficult technology challenges and business requirements
- Provide subject matter expertise on information security architecture and systems engineering to other IT and business teams
- Execute security architectures for Cloud Cloud/hybrid systems
- Responsible for automating security controls, data and processes to provide improved metrics and operational support
- Employ Cloud-based APIs when suitable to write network/system level tools for safeguarding Cloud environments
- Stay abreast of emerging Cloud security threats, vulnerabilities and controls
- Architect or design and deploy new Cloud services and security technologies and best practices into the company' s Cloud offerings.
- Designing public/private key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software adhering to industry standards.
- Reviewing current Cloud security measures and recommending and implementing enhancements
- Conducting regular system tests and ensuring continuous monitoring of network security
- Developing project timelines for ongoing security projects and system upgrades
- Cloud access and compliance reviews to ensure all personnel have access to the IT system limited by need and role
- Solid understanding of Cloud security services, architectures, protocols, cryptography, authentication, authorization and automation.
- Ability to interact with a broad cross-section of personnel to explain and enforce Cloud security measures
- Excellent written and verbal communication skills