Cloud Security Specialist

Building the people that build the world.

With platforms in HVAC and Detection and Measurement, SPX Technologies builds innovative solutions that enable a safer, more efficient, sustainable world.  Through our RiSE talent development framework, we Reach, Identify, Strengthen, and Engage our employees to support them in their continued development.  We’re a global company of problem solvers, collaborators, and innovators, and our businesses build solutions that impact the world. 

As part of Detection and Measurement, CUES is the world’s leading developer of water, wastewater, and storm water inspection equipment.   With CCTV cameras, pre-built vehicles, and software for pipeline inspection and rehabilitation, we improve the safety and reliability of our water infrastructure systems.

How you will make an Impact (Job Summary)

SPX is a diverse team of unique individuals who all make an impact. As a Cloud Security Specialist, you will direct and guide all matters related to security architecture design for our established commercial Cloud SAAS application.  You will also serve as the subject matter expert for secure cloud technology design, secure development, and implementation within the CUES software division. 

What you can expect in this role (Job Responsibilities)

While each day brings new opportunities at SPX, your core responsibilities will be:

1. Software Security & Design

• Creating and maintaining security strategy plans and roadmaps.
• Influencing ongoing planning and execution with measurable benchmarks to show progress or deficiencies.
• Assessing cloud security risks to establish a baseline gap analysis and ensure security roadmap is designed to meet business requirements.
• Assisting the Implementation team with migrations from on-prem systems to the cloud platform while establishing a high level of security and compliance.

1. Collaboration & Support 

• Developing and executing strategies to mature the security of our commercial application
• Maintaining security updates released by AWS to mitigate risks.
• Providing evolving expertise on security-related issues to CISO-level constituents.
• Actively participating in architecture forums to champion our product differentiation and security methodology for successful account acquisitions.

3. Continuous Improvement: 

• Documenting all application-specific controls to prepare for SOC2 audit using AWS and 3rd party tools.
• Ensuring that audit and security logs are collected and shared with the DevOps team for triage, analysis, and incident response with SOC2.
• Reviewing and improving cloud related policies, standards, and guidelines to ensure security is designed and delivered to meet commercial requirements and SOC2 compliance.
• Serving as mentor to the CloudOps implementation specialists and analysts.

What we are looking for (Experience, Knowledge, Skills, Abilities, Education)

We each bring something to the table, and we are looking for someone who has:

Required Experience

• 6+ years’ experience with hands-on Security Architecture and/or Engineering.
• 5+ years’ experience with Amazon Web Services (AWS) and/or Microsoft (MS) Azure.
• 3+ years deploying security strategy and implementation, including the deployment of Security Tools within an AWS ecosystem (Conformance Packs, Foundations Benchmarks, Audit Manager, etc.), Network IPS/IDS, Identity and Access Management (IAM), Zero Trust, Security Access and Service Edge (SASE) and Security Frameworks and Methodologies, and Threat Hunting and Modeling.
• Hands on expertise with AWS Security Tools including: - AWS Config, CloudTrail, Security Hub, Inspector, Audit Manager, Systems Manager, WAF, etc.
• Experience architecting SIEM systems, threat intelligence platforms, security automation and orchestration solutions, IDS/IPS, file integrity monitoring (FIM), data loss prevention (DLP) and other network and system monitoring tools

Preferred Experience, Knowledge, Skills, and Abilities

• SaaS, IaaS, and PaaS architectural solutions within Amazon Web Services
• Cloud, DevSecOps, Container Security, IAM patterns, WAF/CDN/DDoS services, security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies
• Working knowledge of security architecture methodologies like SABSA, OSA, O-ESA, security framework and standards like NST CSF, ISO, PIC, SOC2, and best practices like CIS benchmarks, defense in depth.
• Experience working through SOC 1, SOC2 certification process / report preparation
• Experience with data protection, cryptography, key management, SAML, AWS Cognito, OKTA, DUO
• Broad knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems such as Securonix Next Gen, intrusion detection/prevention systems (IDS/IPS) such as Securonix Cloud Ingestor, public key infrastructure (PKI), antivirus and firewalls, in addition to newer offerings such as endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, deception technologies and application controls
• Experience performing threat modeling and design reviews to assess security implications and requirements for introduction of new technologies

Education & Certifications

• Bachelor’s degree in Computer Science or related field
• Master’s degree in Information Security, a plus
• AWS Certified Solutions Architect 
• AWS Certified Security - Specialty
• ISC2 Certified Information Systems Security Professional (CISSP)
• COMPTIA Advanced Security Practitioner CE (CASP CE 2023)
• Microsoft Certified Solutions Expert (MCSE) Cloud Platform and Infrastructure
• Certified Ethical Hacker (C|EH)
• COMPTIA Security+ CE 2023
• COMPTIA Network + CE 2023

Travel & Working Environment

• 8AM – 5PM   Monday – Friday
• Up to 10% travel
• Office Environment - ability to use computers and office equipment, light lifting and other physical requirements necessary to perform essential job functions.
• Must be able to lift and carry 30 lbs. for at least 15 feet.

How we live our culture

Our culture is at the center of what we do and, more importantly, who we are.  Our core values set a standard for how we manage ourselves, and our Leadership Model sets the standard for how we engage with each other.  Whether you are an individual contributor or you lead a large team, each of us leads at SPX.  

What benefits do we offer?

We know that the well-being of our employees is integral. Our benefits include:

• Generous and flexible paid time off including paid personal time off, caregiver, parental, and volunteer leave
• Competitive health insurance plans and 401(k) match, with benefits starting day one
• Competitive and performance-based compensation packages and bonus plans
• Educational assistance, leadership development programs, and recognition programs  

Our commitment to embrace diversity to build a culture of inclusion at SPX

We value different backgrounds, experiences, and voices at SPX, and we are committed to challenging ourselves, openly communicating, and striving to improve every day.  We believe in creating an inclusive work environment where everyone has a voice and is encouraged to realize their fullest potential. 

SPX is an affirmative action and equal opportunity employer committed to making selection decisions without regard to race, color, religion, sex, sexual orientation or identity, national origin, age, disability, veteran status, or any other legally protected basis.