Senior Cloud Security Engineer - AWS

Amazon S3, Amazon Web Services, Architecture, Automation, CISA, CISM, CISSP, Cisco, Cloud, Cloud security, Configuration, Continuous integration, Cyber security, DevOps, Firewall, GIAC, ISE, Implementation, Incident management, KMS, Meraki, Microsoft Windows Azure, Penetration testing, PCI, SIEM, SEC, Security, Security engineering, Threat modeling, WAF, Software security, Identity management, High availability, OWASP, Risk assessment, Scripting, python, Go, Golang, Powershell, Shell
Full Time
$160,000 - $200,000
Work from home available

Job Description

2Bridge has been engaged in the search for a direct-hire, full-time Senior Cloud Security Engineer with a background in application security to join our FinTech Client. 

Our client offers a comprehensive package including base, bonus, equity, and benefits including medical, dental, vision, etc. 

Responsibilities

  • Coordinate cross-functionally to assess, design, and implement security processes, tools, controls, and automation.
  • Improve security posture across the environment tightening and configuring relevant cloud services
  • Perform security reviews and risk assessment of NACLs, Security Groups, IAM, S3, KMS, and other core AWS services 
  • Lead the selection and Implementation of security tooling - SIEM, WAF, MDR, etc.
  • Write scripts to automate security processes and vulnerability detection
  • Participate in offensive security ops 
  • Work closely across Development, DevOps, and Cloud to secure the environment
  • Evaluate infrastructure and work closely with the team to deploy patches and fixes
  • Assist in pen testing, architecture reviews, and identify vulnerabilities to drive remediation
  • Operationalize security incident response and investigative processes

 

Qualifications

  • Bachelors degree in cybersecurity or another relevant discipline
  • 5+ years of working in a security engineering capacity in an enterprise, HA, cloud environment
  • Expertise in securing a multi-account, AWS & Azure environment including logging, key management, detection, correction, & automation
  • Understanding of native cloud controls for AWS and Azure
  • Experience with Cisco products – Meraki firewalls, ISE, Anti-phishing, etc.
  • You’ve spent your career writing complex scripts for automation when and where possible
  • SME in key management, privilege management, and "least authority" practices
  • Experienced in app security, threat modeling, & integrating sec tooling into a CI/CD pipeline 
  • Experienced working with developers and helping to evangelize security best practices
  • background and experience in sec ops, incident response, and management
  • Knowledge of OWASP, SOC2, ISO27XXX, PCI, etc.
  • Certifications are a plus – CISSP, CISA, CISM, GIAC, Etc.

 

Dice Id : 90827581
Position Id : 6666777
Originally Posted : 2 months ago
Have a Job? Post it