Senior Cloud Security Engineer

Locations: Texas, Virginia, New York

Salary: $180k – $230k

Job Summary

Our client, a top player in the technology space, is seeking a Senior Cloud Security Engineer with experience at an enterprise level in cloud architecture, policy, controls, business continuity, and automation, including Terraform, Cloud formation, scripting, AWS, and some Google Cloud Platform administration preferred. Reporting to the Director of Product Security, the role will specialize in AWS services and serve as a liaison between Cybersecurity and Dev-Ops teams for security management of Cloud Architectures.

Responsibilities:

• Performing Cloud Security Assessments of Cloud platforms/environments using industry standard frameworks such as ISO and NIST.
• Perform long form engagements with services and product teams providing product design analysis, infrastructure auditing and participate in the iterative design process in order to identify vulnerabilities, risks and choices that would lead to increased risk down the road early and throughout the product life cycle.
• Develop reference architectures for common patterns that result in unnecessary risk. Document and communicate these reference architectures to teams and advocate for their adoption to mitigate risk.
• Execute a forward-looking risk prevention program that identifies areas of risk that are not well understood and lacking strong ownership, assess the risk, propose a suite of mitigations, and drive the mitigations to completion.
• Drive implementation of countermeasures, mitigations, and containment.
• Manage and improve infrastructure level security capabilities e.g. firewalls, DDoS protection, network isolation, IAM, and other access controls.

Qualification:

• Expert knowledge of AWS cloud services and tools
• Network technologies and connectivity options to AWS cloud
• Experience in working with various AWS logs such VPC Flow logs, CloudTrail, S3, Route53, WAF, etc.Knowledge of scripting (i.e., Python, Shell, Bash) and automation
• An understanding of data encryption methods and AWS mechanisms to implement these controls.
• Comfortable with DevOps style tools like Kubernetes, Terraform, GitLab, etc.
• Ability to analyze computer security incidents and recommend appropriate measures to respond to computer security incident activity.
• Ability to document findings, architectural diagrams, and project roadmaps.

Work closely with various team members to refine the risk strategy for cloud architecture.