Senior Cloud Security Engineer
Remote, United States
Reporting to the Chief Information Security Office the Senior Cloud Security Engineer will be responsible for building innovative tools & platforms protecting our SaaS offerings in AWS.
Essential Duties/Responsibilities
- Develop tools in Python, Node.js, GO using native AWS services to detect, alert, analyze, and audit system and infrastructure security events and vulnerabilities.
- Work with Production and Application Security Engineers to secure the software delivery pipeline used by Cofense PhishMe, Triage, Vision, and other applications and services.
- Ensure AWS accounts and services meet the highest levels of security while allowing Engineers the freedom to innovate and ship code.
- Automate self-service platforms to manage user access, roles, and permissions to critical services
- Work as a member of the Security Operations team to analyze and respond to security events and alerts.
- Develop and automate processes and procedures related to compliance activities, such as SOC2.
- Other duties as assigned.
Knowledge, Skills and Abilities Required
- Expert at AWS Cloud Infrastructure (EC2, VPC, ELB, RDS) and security technology (security groups, CloudTrail, VPC Flow Logs, CloudWatch, AWS Config)
- Strong knowledge of product security, build systems, Git pipelines, containers
- Strong knowledge of product vulnerabilities
- Solid knowledge of Enterprise security fundamentals and how they must be adapted DevOps/Cloud Environments
- Ability to rapidly learn and integrate new tools, technologies, and APIs
- A successful track record of working remote as part of a geographically distributed team
Education and/or Experience:
- 4 year Computer Science or Electrical Engineering Degree highly preferred
- Experience as a software engineer, with solid experience developing modern REST services in Python, Node.js, or GO
- Minimum of 4 years of cloud experience, as a cloud or DevOps engineer, programming AWS services. At least two years of experience with cloud security is highly preferred
- Experience developing and deploying event-based Serverless micro-services applications in AWS, GCP, or Azure
- Experience working in an environment with formal code review and testing
- Familiarity with NoSQL Database (Redis, MongoDB, DynamoDB, Elasticsearch)
- Experience with message queues (SNS/SQS, RabbitMQ, ActiveMQ, etc.)
- Experience with CI/CD tools and pipelines (Gitlab, Jenkins, Travis, etc.)
- Experience working with cloud virtualization, container, and database infrastructure in Azure, AWS, or GCP
- Experience with infrastructure automation such as Terraform, Cloud Formation, or Azure Resource Manager Templates
- Disclaimer-
The above statements are neither intended to be an all-inclusive list of the duties and responsibilities of the job described, nor are they intended to be a listing of all of the skills and abilities required to do the job. Rather, they are intended only to describe the general nature of the job. This job description is not a contract of employment, either express or implied. Employment with Cofense will be voluntarily entered into and your employment is considered at will. Cofense reserves the right to alter the job description at any time without notice.
Cofense is committed to equal employment opportunity. We will not discriminate against employees or applicants for employment on any legally recognized basis [protected class] including, but not limited to: veteran status, uniform service member status, race, color, religion, sex (including pregnancy), gender identity, sexual orientation, national origin, age, physical or mental disability, marital status, genetic information or any other status or characteristic protected by applicable national, federal, state or local laws and ordinances. We adhere to these commitments in all aspects of employment, including recruitment, hiring, training, compensation, promotion, benefits, and discipline.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs Application security Automation AWS Azure CI/CD Cloud Compliance Computer Science DevOps DynamoDB EC2 Elasticsearch GCP GitLab MongoDB Node.js NoSQL Product security Python RabbitMQ Redis SaaS SNS SOC 2 SQS Terraform Vulnerabilities
Perks/benefits: Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs