|Reference # : ||19-00116
||Title : ||Senior Cloud Security Engineer|
|Position Type : ||Direct Placement|
|Experience Level : ||11 Years
||Start Date : ||04/10/2019
| Description |
Our Private Sector Client is seeking to hire a Senior Cloud Security Engineer.
As a Cloud Security Engineer you will not only bring in hands-on technical expertise to Client's growing cloud security program but also work closely with Client's product engineering, cloud operations and support group to build and integrate secure Cloud Solutions.. CSEs are expected to provide input in the product's design, development, deployment, and operations. You will work within the Cloud Support team and you will be working closely with security, compliance, operations and engineering teams.
- Maintain and provide support on Client's SaaS offering hosted on Azure, inclusive of Client proprietary products.
- Cyber security expertise in analysis, assessment, development and evaluation of security solutions and architectures to secure Client's Cloud Platform.
- Intrusion and vulnerability risk testing and assessments (internal and external).
- Document security policies, standards and security assessment test procedures.
- Increase the quality and level of security of Client's cloud environment and maintain security suite of tools.
- Automate security test suites by establishing a devops workflow that integrates into Client's CI/CD pipeline.
- Automate security controls, data and processes to provide better metrics and operational support.
- Influence multi-disciplinary teams in implementing and operating cyber security controls.
- Stay current on emerging security threats, vulnerabilities and controls.
Nice to Have's
- Degree in Computer Science, Engineering or equivalent experience.
- 5+ years of experience in Azure, IAM, container technologies, Terraform, Ansible, threat detective control.
- Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc)
- Experience with a broad set of information security best practices and technologies (e.g. application security, risk management, data protection, encryption, identity and access management, logging and monitoring, network security, security governance, etc.) within cloud environments.
- Expert experience with multiple security assessment tools, network and host-based information security technologies, including firewalls, WAFs, intrusion/threat detection/prevention, data loss prevention, anti-malware, file integrity monitoring, etc.
- Experience with encryption (at-rest, in-transit, in-use) and secrets and key management within cloud environments.
- Experienced in information security testing methods, including penetration testing, web application security assessments, vulnerability assessments using Nessus and Burpsuite.
- Understanding of enterprise IT security risk assessments and related frameworks (e.g. SOC2, ISO 270XX, GDPR, COBIT, etc.) and industry best practices.
- Understanding of Cloud Security Alliance (CSA) framework.
Superior networking skills. Promoting internal collaboration and creating external visibility.
- Entrepreneurial spirit and instincts. Highly self-motivated; able to operate autonomously in a dynamic environment.
- Sharp business acumen of building and managing growth with a dynamic personality with an ability to influence and persuade.