Position: Information Security Cloud engineer
Location: San Francisco, CA
Job Type: Long Term Contract
Spruce Technology is a mid-size and rapidly-growing Information Technology services firm
headquartered in New Jersey. An award-winning firm (Inc 5000, SmartCEO) with a steadily
growing portfolio of commercial and government clients, Spruce Technology provides innovative
technology solutions, specialized IT staff, and IT strategy consulting nationwide.
We are looking for an Information Security Cloud Engineer to assist one of our clients in CA.
We are creating an innovative, highly-skilled, results-oriented technology team, with a deep commitment to building and implementing advanced Cloud Security Architectures. You will be responsible for providing strategic guidance and oversight for security and infrastructure services being developed, managed, and delivered in our multi-cloud platforms and hybrid environments globally. You will focus on standardization, suitability, and integration of the existing security portfolio incorporating new and more dynamic solutions to make our environment more secure and user friendly.
- Guide the implementation of new cloud infrastructure methodologies, concepts, and changes to security services in line with business requirements and security guidelines.
- Collaborate with key stakeholders, Engineering, Cyber Security Operations, and architects to align security architecture investments with commercial leading best practices, standards, and frameworks for employing cloud security controls and achieving compliance.
- Incorporate business drivers, needs, and strategies in the development of the technology strategy, strategic communication, technology standards, roadmaps, and practices.
- Manage and review existing cloud security design, processes, and supporting tools to ensure they are effective and leverage cloud security industry trends that can mitigate emerging threats.
- Work collaboratively to design and/or evaluate new tools for improving platform availability, integrity, and confidentiality using automated protection mechanisms that meet business security and compliance requirements.
- Specialize in cloud-native serverless micro-service development to achieve event-based security to automate cloud infrastructure configuration drift reduction, integrate security monitoring, and orchestrate incident response procedures.
- Work in an agile development environment to design and maintain an enterprise Continuous Integration /Continuous Deployment (CI/CD) operating model that promotes application immutable infrastructure and secure software development cycle tenets using cloud-native and industry-leading tools
- Experience working with Developers, DevOps, and Engineering teams in a dynamic environment to promote/implement the DevSecOps program.
- BS in Computer Science/Engineering or related field (or equivalent years of professional experience) plus a minimum of 3+ years of directly related experience including subject matter expertise in Cloud Security Engineering and Architecture with at least one year of leadership responsibility.
- Demonstrated hands-on experience designing for both small and large-scale solutions with an emphasis on security and performance
- A background in cloud security practices in at least one of the core Cloud Security Providers (AWS, Azure, GCP) encompassing
- N-Tier, Serverless, and container application security reference architecture design
- Continuous Integration and Continuous Deployment (CI/CD) pipeline security
- Security information and event management (SIEM) logging and monitoring (i.e. Splunk integration)
- Cloud Security Orchestration and Automated Response (SOAR)
- Superior communication, problem-solving, collaboration, presentation, and people skills.
Interested candidates can reach me at