Cloud Security Engineer Our client, a Fortune 100 Credit Union, is looking to add a Cloud Security Engineer to their team on a REMOTE schedule. The successful candidate will be a subject matter expert with hands-on experience in cloud technologies, tools, and methodologies, with a particular focus on Microsoft Azure. This role is suited for an experienced Cloud Engineer with a proven understanding of enterprise security. The focus will be on building toolsets and processes to support our client's Cloud program. Our client's Cloud Organization fosters a collaborative environment and is building a best-in-class Cloud program that protects our client's information and cloud compute environments.
Responsibilities - Contribute to the vision, strategy, and execution of integrated security controls across SaaS, PaaS, and IaaS for our client's Azure environment.
- Demonstrate a clear understanding of current risks and threats to Cloud and IT infrastructures to technical and managerial audiences.
- Provide security consultancy and engineering support for cloud security solutions, including analysis and development of Azure and other security solutions.
- Provide architecture assurance on Cloud security initiatives and ensure compliance with existing security standards, interfacing with infrastructure and development teams.
- Maintain the security infrastructure tools built on the Cloud platform, ensuring stability and adherence to policies and procedures.
- Support the development and delivery of a comprehensive Information Security Program (ISP) for the entire organization.
- Develop and maintain documentation of all security products, including specific tools, technologies, and processes.
- Participate in Information Security Incident Response activities for the client's environment.
- Respond to security vulnerabilities identified through periodic and on-demand system audits and vulnerability assessments of Cloud services.
- Monitor compliance with the organization's information security policies and procedures among employees, contractors, and third parties.
- Manage remediation efforts for any gaps reported in audits or recommended process improvements.
- Actively monitor new and emerging cloud security technologies, trends, issues, and solutions, and assess their applicability to the client's cloud strategy.
Requirements - Candidates are required to be legally authorized to work in the United States without a sponsoring employer indefinitely. At this time, we can only accept the following: US Citizens, GC Holders, GC EAD, TN Visas.
- This is a remote role, but candidates are required to currently reside within the continental United States to be considered. All work for the client is required to be done within the continental United States.
- 7+ years' experience working in a technical role with a minimum of 3 years' experience focused on information security and access control.
- Hands-on experience with Access control technologies such as Azure AD B2C; SAML SSO, oAuth 2.0 configuration, set-up and operations management.
- Experience with certificate management for IaaS and PaaS elements
- Experience with Azure AD, Azure Resource Management Templates and Azure policies
- Experience with Azure Key Vault integration and key management
- Experience with VSTS release management for Azure Key Vault and other IaaS and PaaS elements.
- Hands-on development and scripting skills in PowerShell 5
- Strong knowledge of information security and access controls.
- Industry certification is required (CISSP, CISA, CISM, CEH)
- Financial industry experience preferred