Cloud Security Engineer
Dulles, VA, United States
Applications have closed
ATPCO
ATPCO is the airline industry’s primary source for airline merchandising and pricing data.Job Description
The InfoSec team is responsible for finding and solving the biggest security risks facing our infrastructure. As an engineering team ourselves, we do this by building paved roads and guardrails. We believe that the secure option should also be the easiest option for our users. We’re looking for a strong engineer with a deep understanding of securing infrastructure and services in a Cloud-native world to help us execute this vision.
You will:
- With a focus on AWS, build the security components of the next phase of ATPCOs Cloud infrastructure, shaping how we use it for years to come.
- Build automation to help us discover, measure, and contextualize security issues.
- Partner with platform teams to deliver solutions that permanently solve entire categories of security risk.
- Drive implementation and education of security best practices
The Ideal Candidate:
- Has strong AWS infrastructure security architecture experience
- Tactfully makes recommendations and influence decisions
- Communicates complex ideas and plans clearly both orally and in writing to technical and non-technical staff
- Collaborates with dependent teams to develop cloud security standards and verify controls are implemented for hardening infrastructure, hardening infrastructure as code, hardening CI/CD pipelines, and hardening containers
- Has experience implementing Cloud security posture management, workload protection, and cloud-native application protection platform tools (e.g. AWS Security Hub, Defender for Cloud, Prisma Cloud, Wiz.io, Orca, etc)
- Develops and executes security controls, defenses, and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data and web-based systems.
- Engages with internal stakeholders and vendors on system architecture to resolve misconfigurations.
- Participates in network security audits and testing and evaluates system security configurations to ensure efficacy and compliance with policies and procedures.
- Has strong analytical, technical, and organizational skills to include strong attention to detail.
- Participates in penetration testing and vulnerability assessments of applications, operating systems and/or networks.
- Responds to cybersecurity breaches, identifies intrusions, and isolates, blocks and removes unauthorized access. Researches and evaluates cybersecurity threats and performs root cause analysis.
- Establishes, maintains, and reports upon metrics around overall security posture.
Preferred Skills:
- Prior systems security experience in a distributed, multi-Cloud hybrid environment with a focus on AWS.
- Experience with scripting in JSON, Python, YAML, CloudFormation, Terraform, PowerShell, etc.
- Solid understanding of corporate and regulatory policies/standards and industry best-practices for Information Security
- Strong vulnerability management and architecture experience
- Experience with configuration of cloud and platform technologies (AWS, Kubernetes, Dockers, Linux, Windows)
- Strong interpersonal skills and ability to work collaboratively in a dynamic cross-team environment.
- Excellent technical documentation skills.
- Experience with product management tools and practices, can interface directly with product teams to assign work/influence backlog for security needs
- Ability to articulate security control-level concerns to both technical and non-technical audience
- Industry certifications.
Additional Information
ATPCO is the foundation of flight shopping, providing pricing and retailing data, tools, and services to 500+ airlines, global distribution systems, sales channels, and technology companies. ATPCO links the entire airline community together, collaborating to develop industry standards for airline distribution and end-to-end technology solutions. From shopping to settlement, ATPCO solutions work seamlessly across existing, new, and evolving technologies and methods. Airline-owned and reliably supporting air travel for more than 55 years, ATPCO is everywhere people buy flights.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Automation AWS CI/CD Cloud Compliance JSON Kubernetes Linux Network security Pentesting PowerShell Python Scripting Terraform Vulnerability management Windows
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs