The Senior Cloud Security Engineer will lead the deployment, integration, and operationalization of the Cloud Security Posture Management and Cloud Workload Protection Platform within a multi-cloud environment. The Cloud Security Engineer will have very solid interpersonal skills, be a self-starter, and have a desire to maintain enterprise-wide visibility to initiatives related to cloud-based technologies and services. The Cloud Security Engineer is an individual contributor role with deep expertise in Cloud Security and Cloud Engineering best practices.
Primary Responsibilities:
- Implement, maintain, and improve the CSPM and CWPP toolsets in a multi-cloud environment
- Design, implement and manage security controls to safeguard cloud infrastructure and data
- Conduct security assessments and audits to ensure compliance with federal regulations and standards (e.g. FedRAMP, NIST)
- Collaborate with cross functional teams to identify security requirements and develop solutions
- Develop and maintain security documentation including policies and procedures
- Stay current with emerging security threats and technologies, providing recommendations for continuous improvement
- Mentor and provide guidance to junior security engineers and other team members
- Comply with the terms and conditions of the employment contract, company policies and procedures, and any and all directives (such as, but not limited to, transfer and/or re-assignment to different work locations, change in teams and/or work shifts, policies in regards to flexibility of work benefits and/or work environment, alternative work arrangements, and other decisions that may arise due to the changing business environment). The Company may adopt, vary or rescind these policies and directives in its absolute discretion and without any limitation (implied or otherwise) on its ability to do so
Required Qualifications:
- Undergraduate degree or equivalent experience
- 3+ years of experience in cloud security engineering with 2+ years in a senior or lead role
- 3+ years of experience working with a wide array of operating systems (e.g. Linux, Windows, Ubuntu, etc.)
- 2+ years of experience working directly in AWS, Azure or GCP in an enterprise environment
- 2+ years of experience in scripting and automation focused on cloud-based deployments utilizing languages/frameworks such as Python, Terraform, Cloudformation, etc.
- 2+ years of experience with container security and orchestration tools (Docker, Kubernetes, etc.)
- Experience with DevSecOps practices and integrating security into CI/CD pipelines
- Knowledge of advanced threat detection and response techniques
- Familiarity and in-depth knowledge of FedRAMP and NIST security frameworks and compliance standards
- Solid understanding of fundamental security principles/concepts (Networking, Encryption, IAM)
- Proven outstanding written and verbal communication skills, with the ability to work collaboratively in a team environment
- Proven excellent problem-solving skills, with the ability to analyze complex security issues and develop effective solutions
Preferred Qualification:
- Relevant security certifications - CISSP or equivalent
Employment Type: Full Time, Permanent
Read full job description