Security Sr Engineer; IT

Sr. Engineer, Security

Sr Security Engineer with strong experience within a large enterprise environment and possesses both deep and wide expertise in the security space.

The Sr Security engineer will promote and ensure security by protecting system boundaries, keeping computer systems and network devices hardened against attacks and securing highly sensitive data. This individual will also be responsible for implementation and administration of network security hardware and software, enforcing the network security policy and complying with requirements of external security audits and recommendations.

• Develops and manages security for more than one IT functional area (e.g., data, systems, network and/or Web) across the enterprise.

• Wiz/Jira automated remediation system, F5/Cysiv configuration, logging, and alerting. Lead ensuring Cloud Security Firewall requests, Gitlab merge requests, GCP group access requests, and DaVita Temporary Privilege Escalation Tool requests are tracked, worked, and addressed.

• Develop and publish Information Security policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements.

• Checkov/Cloud Governance implementation project, expected timelines for security issue remediations, "How-To" docs for accessing and configuring our CSPM and ticketing tools, "Go to Cloud" Security Checklist to be used by teammates across the org that will be assisting with moving apps from on-prem to the cloud.

• Prepares status reports on security matters to develop security risk analysis scenarios and response procedures.

• Provide weekly, bi-weekly and monthly status updates on various cloud security projects including Wiz vulnerability and misconfiguration management, the Cloud Governance effort of implementing security checks in the CI/CD pipeline, as well as log ingestion and custom alerting in Cysiv.

• Responsible for the tracking and monitoring of IT security incidents through remediation.

• Jira ticket tracking and communicating with other teams regarding security issues through remediation.

• Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.

• Wiz/Jira automated remediation system, Cloud Governance Security Team approval tagging, as well as reviewing & updating the Terraform resources that the Cloud Security team is required to approve.

• Enforces security policies and procedures by administering and monitoring security profiles, reviews security violation reports and investigates possible security exceptions, updates, and maintains and documents security controls.

• Review policies and create custom controls in our CSPM to cover a variety of security frameworks. Examples of custom controls are monitoring for active container images with vulnerabilities in our environment and whitelisting designed activity by service accounts. Regarding documenting security controls:
  Document Cloud Security practices & procedures in Confluence and Administer the Cloud Security Dev Ops Jira project. Also - understand, grant, maintain and follow-up on soft exceptions for the Cloud Security team.

• Involved in the evaluation of products and/or procedures to enhance productivity and effectiveness.

• F5 testing, Git Lab SAST approval gating, Security Command Center Premium, Checkov, Wiz Code.

• Provides direct support to the business and IT staff for security related issues.

• Educates IT and the business about security policies and consults on security issues. Serve as a cloud security point of contact for other teams.

• Represents the security needs of the organization by providing expertise and assistance in all IT projects with regard to security issues. Provide expertise and feedback from a security perspective on operational tasks such as merge request approvals, firewall requests, and AD group assignments. Also provide expertise on larger projects such as WAF configuration for the F5 implementation.

• BA or BS in Computer Science, Management Information Systems, or related field

• 6 to 8 years delivering information security infrastructure support and related services with a minimum of 10 years IT experience

• 5 years of IT experience ranging from cloud security engineering to big data platform engineering for a SIEM/SOAR solution, to cybersecurity consulting assisting with the creation of SOC runbooks and playbooks, as well as standing up an ELK stack.

• Demonstrated experience in computer security combined with risk analysis, audit, and compliance objectives

• Align tuning of CSPM controls and issue remediation program to the CIS benchmarks, including CIS GCP v3.0.0 and CIS GKE v1.5.0. Adjust severity of controls as needed, following risk analysis.

• DDPE experience with a focus on maintenance and upgrade support

• Experience with other full disk encryption solutions, such as Microsoft Bit Locker both with encrypting and decrypting disks including with supporting in disk recovery.

• Expert…