Cloud Security Engineer
Chicago
Applications have closed
DRW
DRW is a diversified trading firm innovating across both traditional and cutting-edge markets.DRW is a diversified trading firm with over 3 decades of experience bringing sophisticated technology and exceptional people together to operate in markets around the world. We value autonomy and the ability to quickly pivot to capture opportunities, so we operate using our own capital and trading at our own risk.
Headquartered in Chicago with offices throughout the U.S., Canada, Europe, and Asia, we trade a variety of asset classes including Fixed Income, ETFs, Equities, FX, Commodities and Energy across all major global markets. We have also leveraged our expertise and technology to expand into three non-traditional strategies: real estate, venture capital and cryptoassets.
We operate with respect, curiosity and open minds. The people who thrive here share our belief that it’s not just what we do that matters–it's how we do it. DRW is a place of high expectations, integrity, innovation and a willingness to challenge consensus.
We are seeking a Cloud Security Engineer to work with various business units across the firm to empower our technologists to deliver secure cloud infrastructure and cloud integrated solutions. The position will work in concert with the technology teams to ensure the cloud environments we use and configure are done so in a secure manner. You will also be responsible for defining global standards and guidelines to direct secure cloud development. A successful candidate will be able to establish base guidelines, implement security controls, review architecture and validate this is done in a repeatable and automatable fashion. While ensuring that the overall cloud presence of DRW is as secure as it can be.
What you’ll be doing:
- Review and audit AWS/GCP/Azure environments spanning across multiple business units and recommend changes to reduce risk and improve security.
- Support development and work with technologists across the firm to unify cloud security efforts.
- Integrate services and access routes in a data intensive hybrid cloud environment.
- Provide architectural guidance and support to ensure the various environments are securely deployed.
- Provide recommendations and create working examples of secure hybrid cloud implementations.
- Helping business units across the firm to securely migrate on-premise designed software to the appropriate cloud technologies.
- Stay abreast of new developments in the areas of cloud technology, security, services, and networking.
- Work with vendors and vendor solutions to evaluate products, produce recommendations for the firm, and educate internal clients.
- Have a strong grasp of technologies that can be leveraged across both cloud and on-premise deployments (user supported authorization, etc).
- Identify and analyze vulnerabilities and work with the various business units on remediation.
- Continuously assess and enhance cloud privilege models to ensure least privilege access to data and services.
- Respond to any security related incidents.
What we’re looking for:
- Bachelor’s degree or relevant work experience required.
- Relevant cloud certifications are a plus.
- Strong knowledge of cloud encryption technologies including key management such as (KMS, HSM, etc).
- 5+ years of experience working with Amazon Web Services, with exposure to other cloud vendors such as Google Cloud Platform and Microsoft Azure.
- A strong command of infrastructure-as-code tools such as Terraform, CloudFormation, and related technologies.
- Proficient with containerization and container orchestration tools such as Kubernetes within a Linux environment.
- Proficient with at least one applicable programming language (Python, Go, Javascript, etc).
- Experience with automation in the cloud, in addition to services used in loosely coupled serverless architectures, such as Lambda, SQS, API Gateway, and DynamoDB.
- Knowledge of cloud security best practices and cloud based controls.
- Familiarity with security considerations, capabilities, and regulatory adherence for services across cloud providers.
- Working knowledge of networking in hybrid cloud environments.
- Must work well in a fast-paced, dynamic work environment and have strong work ethic and initiative.
- Proven ability to troubleshoot and resolve production problems while making sensible decisions in times of stress.
- Excellent verbal/written communication skills and documentation/knowledge management skills.
For more information about DRW's processing activities and our use of job applicants' data, please view our Privacy Notice at https://drw.com/privacy-notice.
California residents, please review the California Privacy Notice for information about certain legal rights at https://drw.com/california-privacy-notice.
#LI-BL1
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: API Gateway APIs Automation AWS Azure Cloud DynamoDB Encryption GCP JavaScript Kubernetes Lambda Linux Privacy Python SQS Terraform Vulnerabilities
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open DevSecOps-related jobs