Senior Cloud Security Engineer

As a Senior Cloud Security Engineer, the primary role is to enhance the security of our cloud environments across AWS, GCP, and Azure. This involves identifying and mitigating security risks, utilizing cloud-native security tools, and managing security solutions. The engineer will collaborate with various teams to integrate security into the software development lifecycle and maintain threat models. They will also ensure compliance with security and regulatory requirements, suggest risk mitigation strategies, and respond to security queries from clients and partners.

Familiarity with cloud security platforms like CNAPP, CSPM, CWPP, CASB, CIEM, and the Wiz tool is essential.

This role requires networking knowledge, particularly with Cisco equipment, and experience with WAF, DDoS protection technologies, IDS, and threat intelligence.

Responsibilities:

• Experience in cloud security or engineering in public cloud providers AWS, GCP and Azure.
• Experience with evaluating, reviewing, and deploying cloud native security tools in AWS and Azure.
• Hands-on experience with monitoring, configuring rules, and enforcement using cloud security platforms such as CNAPP, CSPM, CWPP, CASB and CIEM.
• Lead network security initiatives with a primary focus on Cisco technologies (Fire Power, ASA, ISE, Umbrella, Stealthwatch).
• Utilize the Wiz tool for cloud security posture management, including configuration analysis, vulnerability detection, and compliance monitoring.
• Select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
• Determine, monitor and maintain our security posture, in collaboration with Engineering.
• Oversee and manage the deployment, integration and configuration of security solutions and of any enhancements to existing security solutions and the enterprise’s security documents.
• Collaborate with development, operations, and security teams to integrate security into all phases of the software development lifecycle.
• Implement and manage security policies, firewall configurations, and network segmentation strategies.
• Oversee the deployment and security of F5 technologies and WAF at the edge.
• Develop and implement DDoS protection strategies.
• Recommend actions/practices to management in order to ensure compliance with security and regulatory requirements in decision-making processes.
• Suggest actions in order to mitigate risk in any activity that potentially impacts security of existing IT and information management.
• Craft responses to client and partner security questionnaires.
• Other duties as assigned.

REQUIREMENTS

• B.
  
  A. or B.S. (or higher-level degree) in Computer Science or a similar engineering program with strong academic performance preferred.
• 7+ years of Cloud Information Security experience, with a focus on public cloud providers such as AWS, GCP, and Azure.
• AWS Security, CISSP, CISA, OSCP or other information security certification.
• Security certifications such as Cisco CCNP Security, AWS Security, CISSP, CISA, OSCP are a plus.
• Experience in performing security reviews of cloud application designs, source code and deployments.
• Must have knowledge and stay up to date on the latest cloud security advisories, alerts and vulnerabilities.
• Strong verbal and written communication skills for a highly collaborative environment.
• Rigorous attention to detail and focus on quality of deliverables.
• Expertise in AWS services like EC2 & ECS, WAF & VPC configuration & IAM rules, and cloud security platforms such as CNAPP, CSPM, CWPP, CASB, CIEM.
• Familiarity with Infrastructure as Code (IaC) tools like Terraform/Cloud Formation.
• Comfortable with Python and able to read Java when necessary, with an emphasis on cloud security scripting and automation.
• Proven team experience and comfort in a team-oriented environment.

Passion for working with cloud technology and excitement for creating high quality, secure consumer technology products.