Senior Cloud Security Engineer
United States
We provide technology that community financial institutions use to manage risk and drive growth. Our solutions automate key processes – from anti-money laundering to fraud detection to CECL readiness to lending workflows – empowering our customers by addressing their Enterprise Risk Management needs.
This is an exciting opportunity for someone who is not only a master of their craft, but also shares our commitment to driving a strong company culture by putting their heart and soul into their work every day.
Abrigo is looking for a Senior Cloud Security Engineer to join our team and assist in ensuring the security of our cloud-based systems and infrastructure. The ideal candidate will work closely with senior engineers to implement and maintain security controls, conduct security assessments, and respond to security incidents.
Applicants may choose to work remote or be hybrid-based at our office in Raleigh, NC, or Austin, TX.
What You'll Do:
- Design and Implement security strategies, controls, and solutions for cloud environments via Infrastructure as Code (IaC) based on risk exposure (vulnerability remediation, cloud workload protections, security guardrails, permission boundaries, etc).
- Develop and maintain security standards and best practices for cloud environments.
- Develop, track and routinely report on KPIs, KRIs, ROI for Security Engineering to Director of Security Operations.
- Analyze security events and assessment data to detect patterns and trends and to identify security improvements to design and implement based on analysis.
- Collaborate with cross-functional teams to integrate security best practices into cloud-based applications and services.
- Collaborate with development and operations teams to integrate security into the software development lifecycle (SDLC) – Act as POC for Shift Left initiatives.
- Stay up to date with the latest security trends, threats, and technologies.
- Mentor and support other team members on security best practices.
- Routinely review and prioritize identified vulnerabilities by risk rating and determine path to remediation.
- Identify gaps and vulnerabilities in current security infrastructure, to determine the appropriate tools and controls to employ.
- Document Risk Findings from internal and external assessments, as well as published bulletins (CISA KEV, NIST CVE, etc.).
- Regular communication on vulnerability remediation project status to management and IT Risk Department.
- Coordinate application penetration testing and post-test remediation.
What You'll Need:
- Bachelor’s degree in computer science, Information Technology, or related field.
- 5+ years of experience in cloud security with particular focus on designing and implementing Cloud Security Solutions in AWS.
- Extensive knowledge and understanding of cloud security best practices, including identity and access management, data encryption, and network security.
- Extensive experience with security automation.
- Extensive experience with Infrastructure as Code (IAC) – specifically, Terraform.
- Deep understanding of cloud computing principles and technologies (e.g., AWS, Azure, GCP).
- Extensive experience with AWS Firewall Manager, AWS Shield, AWS WAF, AWS Network Firewall rulesets, administration, etc.
- Experience with security tools and technologies (e.g., IDS/IPS, SIEM, DLP).
- Knowledge of security standards and frameworks (FFIEC CAT, NIST, CIS, AWS Foundations, CSA).
- Knowledge of Qualys Guard (VMDR. CSAM, etc.) a plus.
- Experience managing penetration test engagements with 3rd party testing vendor(s).
- Excellent problem-solving and analytical skills.
- Strong communication and interpersonal skills.
- Relevant certifications (e.g., CCSK, CCSP, AWS Certified Security Specialty) are a plus.
What You'll Get:
- Market competitive total rewards package.
- To be part of the Heart & SOUL of a winning company with an inspiring mission.
- The opportunity to Make Big Things Happen.
- Competitive salary along with full health benefits with an HSA option.
- Flexible PTO and bank holidays.
- 401(k) plan and company match.
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identify, age, genetic trait, sexual orientation, national origin, disability status, or any other characteristic protected by law.
Abrigo is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at careers@abrigo.com with the subject line accommodation.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation AWS Azure CCSK CCSP CISA Cloud Computer Science Encryption FFIEC Firewalls GCP IAM IDS IPS KPIs Network security NIST Pentesting Qualys Risk management SDLC Security assessment SIEM Terraform Vulnerabilities
Perks/benefits: 401(k) matching Competitive pay Equity / stock options Flex vacation Health care Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Security Operations Engineer jobs
- Open Information Security Officer jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Penetration Tester jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Security Consultant jobs
- Open Senior Information Security Analyst jobs
- Open IT Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information System Security Officer jobs
- Open Information Security Architect jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open Network security-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open CISA-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open Vulnerability management-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open Java-related jobs
- Open EDR-related jobs
- Open PowerShell-related jobs