You would act as Cloud Security Engineer for the Corporate Information Security Team. This is a highly technical role, with responsibilities for designing, implementing, maintaining and monitoring security and compliance of cloud services and responding to cyber security incidents.
As a Cloud Security Engineer, your responsibilities will include:
- Security oversight of cloud services, including M365 services, Salesforce, and other SaaS services.
- Develop strategies, evaluate solutions, design and implement tools, processes and controls to ensure that security and privacy are implemented in cloud services we consume.
- Be a strong cloud security and privacy advocate.
- Monitor the security and compliance of cloud services and actively participate in responding to and investigating cyber security incidents.
- Engage system owners and provide expert guidance on the design, architecture and implementation of solutions that utilize cloud (SaaS) services.
- Drive the secure use of cloud services.
- Be part of a global distributed team to share knowledge, workload and assignments. Strong sense of teamwork is required. Coach peers in cloud security technologies and best practices.
- Support internal and external audit and compliance activities (e.g. SOX, ISO 27001, SOC 2, etc.).
- Work with other information security teammates, IT staff and vendors to conduct risk and vulnerability assessments, penetration testing, and threat hunting exercises to anticipate and remediate security weaknesses.
We are looking for:
- Ten or more years of combined experience in network and systems administration, cloud engineering, application operations and security roles.
- Solid knowledge and proven experience architecting and security with Azure.
- Experience with Active Directory, Microsoft Entra, and SSO technologies including SAML.
- Experience and functional knowledge of Firewalls, Switches/Routers and Network/System Intrusion Detection or Prevention Systems (IDS/IPS), WAF, anti-malware/virus, vulnerability assessment tools and other security tools found deployed in cloud environments.
- Experience with Fortinet products, an advantage. DevOps/SecOps experience a plus.
- Experience with working in a Computer Security Incident Response Team (CSIRT) or Security Operations Center (SOC) preferred.
- Programming/scripting skills (e.g. Python, Java, Go, Rust, shell scripts, PowerShell, etc.)
- Hands-on Linux experience and Windows experience system administration experience.
- Familiarity with legal and regulatory requirements, data security standards and frameworks such as ISO 27001/27002, NIST, PCI, HIPAA, SOX.
- Demonstrate strong communications, analytical, problem solving, and decision-making skills that can contribute towards the resolution of any issue that arises.
- A BS degree in Computer Science, Cyber Security, other tech-related degree, or equivalent experience.
- CISSP, CSSP or similar industry certifications along with Microsoft Azure Security Engineer certifications.
- AWS, GCP, and/or Azure appropriate experience and certification in security and architecture.
We encourage candidates from all backgrounds and identities to apply. We offer a supportive work environment and a competitive Total Rewards package to support you with your overall health and financial well-being.
Wage ranges are based on various factors including the labor market, job type, and job level. Exact salary offers will be determined by factors such as the candidate's subject knowledge, skill level, qualifications, experience, and geographic location.