Associate Director, Cloud Security Operations

Telecommuter

Applications have closed

Planned Parenthood

Planned Parenthood Federation of America is a nonprofit organization that provides sexual health care in the United States and globally.

View company page

Planned Parenthood Federation of America (PPFA) is the national umbrella organization for the nation’s leading network of women’s health care providers, educators, and advocates, serving women, men, teens and families. For over 100 years, Planned Parenthood has done more than any other organization in the United States to improve women’s health and safety, prevent unintended pregnancies, and advance the right and ability of individuals and families to make informed and responsible health care decisions. Planned Parenthood Action Fund (PPAF) is the advocacy and political arm of PPFA. 
Planned Parenthood Federation of America (PPFA) seeks a dynamic and hands-on Associate Director, Cloud Security Operations. This job reports directly to the Sr. Dir, Security Operations in the Information Security division of PPFA. Information Security provides the strategy and implementation of the information security program that safeguards the data entrusted to Planned Parenthood by its patients, supporters, donors and staff.
Purpose: The Associate Director, Cloud Security Operations will work within a multi-disciplined team to support the Information Security Operations and Security Architecture domains by providing operational and engineering expertise on the cloud security stack, including on-prem and cloud-based environments, physical and virtual security products, SASE frameworks, as well as the DevSecOps initiatives, while following cloud security architecture standards and cloud security best practices.
Delivery: The Associate Director, Cloud Security Operations will have primary responsibility for configuring, supporting, and managing the security our cloud environments (AWS, GCP, Azure) including implementing and adjusting security policy rules, cloud2cloud security controls, traffic capture/logging, proxy configurations and other security-related constructs in the PPFA cloud environment. Additionally, they will manage AWS, Google, and Azure security configurations, as well as overall cloud security operations management, along with identifying and providing recommendations for resolving security concerns related to the environment and will support security architecture priorities according to the security architecture roadmap. ● The engineer will be responsible for developing security control implementation plans and coordinating the development of advanced cloud security initiatives that can be implemented on security systems such as intrusion prevention/detection systems, firewalls, or endpoints in response to new or observed threats within the enterprise. ● The engineer will leverage working knowledge of security and security tool technologies to improve the security posture and will provide leadership and guidance in identifying current tool capabilities and improvements that can be applied to their configuration through configuration tuning or improved processes. ● The engineer will implement and adjust both AWS & GSuite configurations in accordance with AWS/GSuite security best practices including AWS/GSuite HIPAA configuration requirements. ● The engineer will assist in audits, surveys and assessments and maintain security-related procedures applied to new and ongoing network services and security architecture priorities.
Engagement: The Associate Director, Cloud Security Operations will engage with all team members in Information Security, IT Operations, DevSecOps, InfoSec Architecture & Engineering, Information Technology, PPFA strategic business partners, and management staff within PPFA. ● Act as the Cloud Security SME for managing and troubleshooting issues across PPFA’s cloud environments. ● Run Cloud Continuous Monitoring reporting/metrics governing all security compliance/hygiene issues across the entire Cloud ecosystem. ● Work closely the security team to establish prevention, detection, and mitigation techniques to protect the cloud environments. ● Vendor relationship management with key cloud vendors, MSP and MSSP providers. ● Understand PPFA cloud business initiatives and requirements and map these business needs into technical and security architecture ● Develop and maintain relevant engineering and operational metrics to assess system and data integrity. ● Create and present engineering drawings depicting environments both existing and proposed. ● Provide assessment services, compliance audits, security consulting and advisory services.
Knowledge, Skills and Abilities (KSAs): Reports to the Sr. Dir, Security Operations and will work closely with other Leaders in InfoSec and IT. Candidates must have knowledge of the tools and processes to provide operational security support to our Cloud ecosystem. BA in Information Security, Computer Science, Engineering or related field, or equivalent experience. ● 5 Years’ experience in cloud security operations across virtualized environments (AWS, GCP, Azure) and managing security solutions within Amazon Web Services, Azure, and GCP. ● Extensive security operations knowledge in AWS Services like S3, Lambda, Batch, API Gateway, VPC, IAM, KMS, CloudWatch, CloudTrail, and Config. ● Extensive security operations knowledge in Google Workspace Security Center, Security Investigation Tool, and Security Dashboard. ● Experience managing security solutions within Amazon Web Services (AWS), Azure, GCP.● Extensive security operations knowledge in Azure utilizing Azure Sentinel, Azure Defender for Cloud. Azure Resource Manager, Azure Network Security Groups, and Azure Firewall (Standard/Premium). ● Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development (Application Security), data protection, cryptography, key management, identity and access management (IAM), network security) within SaaS, IaaS, PaaS, and other cloud environments. ● Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc). ● Experience with service-oriented architecture for cloud-based services. ● Full understanding of IP network and security engineering ● Knowledge of threat and vulnerability analysis, routing protocols, routing, intrusion detection systems, intrusion protection systems, Domain Name Service, and network traffic analysis. ● Ability to write concise analytical reports and assessments. ● Ability to write / diagram network & cloud infrastructure topologies. ● Strong written and verbal communication skills including the ability to explain technical matters to a non-technical audience.
TRAVEL : As needed Starting salary: $125K
#LI-SY1

Final offers for this job will be based on capabilities and will be made within the parameters of the PPFA compensation program. Total offer package to include generous vacation + sick leave + paid holidays, individual/family provided medical, dental and vision benefits effective day 1, life insurance, short/long term disability, paid family leave and 401k. We also offer voluntary opt in for Flexible Spending Account (FSA) and Transportation/Commuter accounts.   
We value a truly diverse workforce and a culture of inclusivity and belonging. Our goal is to attract qualified candidates and encourage applications from all individuals without regard to race, color, religion, sex, national origin, age, disability, veteran status, marital status, sexual orientation, gender identity, or any other characteristic protected by applicable law.  We're committed to creating a dynamic work environment that values diversity and inclusion, respect and integrity, customer focus, and innovation.
PPFA participates in the E-Verify program and is an Equal Opportunity Employer.
#LI-SY1*PDN-HR
If denoted as NYC, DC, or both, this position is usually located in our New York City or DC office, but is remote while offices remain closed due to the COVID-19 pandemic.

Tags: API Gateway APIs Application security Audits AWS Azure Cloud Compliance Computer Science Cryptography DevSecOps Firewalls GCP HIPAA IaaS IAM Intrusion detection Intrusion prevention Lambda Monitoring Network security OpenID PaaS S3 SaaS Strategy

Perks/benefits: Flex hours Flexible spending account Flex vacation Health care Insurance Medical leave

Region: Remote/Anywhere
Job stats:  12  0  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.