Cloud Security Engineer

Job Description & Summary

A career in Cloud Security Operations, within Internal Firm Services, will provide you with the opportunity to focus on supporting our global internal infrastructure operations and security technologies. Using industry vendors such as Microsoft, Amazon, Google, and other cloud platforms, you will implement and support innovative services for our network of firms. You’ll be at the forefront of Internal Firm Services around the globe supporting innovative technology solutions that optimize business processes or enable scalable technology. Our team helps Internal Firm Services support their cloud security components and infrastructure architecture. As part of the team, you’ll focus on the cloud security configuration, platform policy management, and all cloud security.

Responsibilities

As a Cloud Security Engineer Manager, you’ll work as part of a team of problem solvers to support mission critical operations and ensure continued compliance with important Cybersecurity principles in a Cloud environment. This will require using a variety of modern technologies and techniques across multiple providers (Microsoft Azure, Amazon AWS, Google GCP, etc.) while supporting multiple cloud service implementations (IaaS, SaaS, PaaS).

Specific responsibilities include but are not limited to:

• Lead the configuration and support of security products, and technologies

• Lead troubleshooting effort to resolve complex technical challenges for our stakeholders

• Develop and maintain documentation for security solutions and processes

• Identify areas of cloud security improvements and drive respective work stream activities

• Provide Cloud Security-related  trainings to team members as required

• Lead and solve customer support requests, and coordinate and prioritize resolutions

• Maintain platform and application security posture; and identify, recommend, and or remediate risks associated within the cloud infrastructure

• Work closely with architect teams while developing security controls 

• Drive mitigation of reported risks from continuous monitoring solutions

• Maintain the Azure Governance Policy repositories and pipelines

• Design and build internal cloud-based tools to automate security as part of DevOps cycle

• Maintain current and relevant knowledge of policy management, cloud computing, cloud vulnerabilities, and best practices

• Help drive Cloud Security Practices in IaaS/ PaaS and SaaS implementations.

• Conduct cloud security assessments to identify areas of risk and ensure any gaps are remediated

• Collaborate with application development teams for remediation of policy compliance via automated pipelines

• Use build and deployment processes (CI/CD) to promote code to staging and production environments.

 Preferred Knowledge/Skills

• 5+ years of experience in Cloud and or information security field

• Cloud platform certifications such as Microsoft, Google, Amazon Web Services

• Proficiency in scripting programming languages - ARM Templates, JSON, PowerShell, Python, YAML

• Data Modeling, Cleaning, Normalizing and Visualization experience. 

• Cloud security configuration experience - (Load Balancer, Security Groups, CASB, Key Management)

• Experience with version control systems VSTS and Visual code, Azure DevOps

• Experience with Linux and Windows Operating Systems administration

• IT and Security management best practice (ITIL, COBIT, ISO standards)

• Experience with cloud platform security policy management

• Experience in administration/management of continuous monitoring solutions

• Understanding of container security and orchestration concepts and best practices

• Experience in writing and maintaining risk assessment reports (RARs) and plans of action and milestones (POAMs) for systems hosted in the Cloud

• Excellent verbal and written communication skills to deliver and present documentation, reports, architecture, and findings.
   

Desired Certifications / Skills

• ISC2 CCSP Certified Cloud Security Professional

• ITIL Certification(s)

• Experience building infrastructure and platforms using Azure Resource Manager, HashiCorp tooling (Terraform, Packer, Vault)

• Familiarity with security frameworks CSA, NIST, CIS, PCI DSS, etc

• Aptitude & willingness to build skills to identify and assess cloud security vulnerabilities and risks

• Ability clearly explain security/compliance risks and recommended remediation

• Demonstrated experience in creating reporting & metrics using Excel (i.e. pivot tables), and Splunk

• Experience in defending attacks utilizing Information Security technologies, including web application firewalls, anti-DDoS technologies, advanced anti-malware solutions, and network forensics and visibility solutions