Job Description
Day to Day:
Seeking a Senior Cloud Security Developer for the Charles Schwab Security Operations Team. The Security Operations Team consists of 4 work streams: SOC (Security Operations Center), DFIR (Digital Forensics Incident Response), Cyber Threat-Intelligence (TI) and Insider Threat. This role is with the DFIR Team and is the senior cloud DFIR developer, cloud DFIR development trainer, and the main DFIR cloud development program point of contact. The Senior Cloud Security Developer will coordinate and execute the proactive efforts with the Cloud Engineering, DFIR, and other Cyber Defense teams for the development, engineering, analysis, training, and reporting of the Schwab multi-cloud environment.
This individual works closely with a broad range of professionals at all levels within Schwab technology, Cybersecurity, Audit, Risk and business units. The Senior Cloud Developer will be responsible for setting up communication channels between Cloud Engineering and on-prem Cybersecurity customers. The position will lead development of cloud DFIR environments, processes, and training.
What You Are Good At
Perform development work within Cloud Technologies such as AWS, GCP, and Microsoft Azure.
Responsible for the planning, design, and build of cloud security architectures; oversees the implementation of cloud network and cloud computer security and ensures compliance with corporate cybersecurity policies and procedures.
Responds immediately to cloud cybersecurity-related incidents and provides a thorough post-event analysis.
Code/script within the Cloud environment using various cloud scripting languages.
Implements cloud software fixes (patches) to remove system vulnerabilities.
Investigates cloud intrusion incidents and conducts forensic investigations assisting the DFIR team.
You can quickly understand complex cloud problems and come up with effective solutions.
o Ability to communicate well with teams and leaders of the organization; have good listening skills and ask great questions.
o This position requires good interpersonal, analytical, and problem-solving skills.
o Strong technology affinity and experience, as well as attention to detail, are required.
o A willingness to learn and grow is a must. Act as a teammate with strong collaborative qualities and a positive demeanor. You can transition and cross train peer teams on your cloud security designs and technology development.
o Ability to thrive in a fast-paced environment across multiple time zones and locations.
o Previous experience in a highly regulated environment with appreciation for audit and regulatory principles will benefit the applicant.
Experience being a part of a team that performs security assessments of cloud platforms and applications and systems using penetration and vulnerability testing and risk analysis in support of red/purple team activities.
Develops and evaluates compliance with programs and processes to mitigate cloud cybersecurity risk and ensure protection of company and allied assets and information.
Researches and interprets current and pending governmental laws and regulations, industry standards, and customer and vendor contracts to communicate cloud compliance requirements.
What you have
Confident decision maker and leadership skills with strong problem-solving skills.
Strong communications and organization capabilities, with attention to detail.
Trustworthy integrity, character, courage, and honesty.
Foresight and development of cloud playbooks, IR frameworks, Tabletop Exercises
o Strategic and operational development of cloud DFIR playbooks, processes, and Tabletop Exercises.
Cloud Computer, Memory & Network Forensics knowledge.
o Experience with cloud DFIR including compute, memory, and network across multiple CSPs.
o Experience with architecting and engineering DFIR environments and capabilities across multiple CSPs.
Advanced knowledge of cloud network security and DoS/DDoS attacks and mitigation; knowledge of DNS and Layer 7 attacks preferred.
o Advanced knowledge of cloud network security including attack mitigation controls, application security best practices, Infrastructure-as-Code, and container security.
Knowledge of social engineering campaigns, exploit kits, tactics and techniques directed at cloud platforms by threat groups.
o Advanced and current knowledge of threat groups and campaigns, tactics, and techniques directed at cloud platforms.
o Experience mapping cloud MITRE TTPs to DFIR requirements.
Advanced and current knowledge of malware families, campaigns, and related threat groups
Experience with Cloud Forensics and Cloud Incident Response across all cloud platforms preferred.
Experience with networking environments including Windows networking, Cisco, Juniper
o Experience with cloud network architecture across multiple CSPs.
Experience with Unix, Linux, Mac operating systems.
o Experience with Windows, Linux, Unix, Mac, and other operating systems.
Minimum of 6+ years of progressive experience in cloud technology and information security
o Minimum of 6+ years of progressive experience in cloud technology and DFIR.
Bachelor's Degree (Computer Science or Information Systems) and/or equivalent applicable experience.
Industry Certification and/or CCSP certifications desirable.
o GCFR, GCTD, GCAD, CCSP, GCP/AWS/Azure certifications
o GCIH, GCFA, GNFA, GREM, GCFE, GCIA, GEIR, DFIR certifications
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to .
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: .
Skills and Requirements
Must Haves:
Highly experienced cloud architect/engineer
Ability to assist in building out DFIR response in Azure, GCP, AWS
Cert needed - cloud-specific certs highly preferred over anything else
o Industry Certification and/or CCSP certifications desirable.
GCFR, GCTD, GCAD, CCSP, GCP/AWS/Azure certifications
GCIH, GCFA, GNFA, GREM, GCFE, GCIA, GEIR, DFIR certifications
Date Posted: 22 March 2025