Senior Cloud Security Engineer | Remote
One of North America's ten largest Multinational Investment Bank | Financial Services Firm seeking a subject matter expert when it comes to Cloud Security. The Senior Cloud Security Engineer will work with the broader security team, architects and information security team to implement and manage various security measures, integrate new and support existing security applications, define the security culture around best cloud security practices, and promote/recommend for security processes around CI/CD pipelines.
An innovative mind is highly encouraged as the client is always looking for fresh and new ideas and try to incorporate them. With a focus on results, not only are you an advisor but also an architect, designer, and engineer.
Responsibilities/Duties:
- Develop & maintain security patterns for Cloud Platforms and services
- Design, assess, implement, automate and document security solutions, controls, process for AWS and Azure cloud platforms
- Implement & design DevOps process and tools to incorporate security into applications and infrastructure design
- Build security controls into CI/CD process
- Review & Approve codes & changes with security implications such as (IaM roles and policies, Security Groups and etc.
- Provide subject matter expertise on Cloud Security, platforms and tools to guide the company on enabling these tools to use in best practices for designing Guard Rail.
- Assist in investigation and remediation in security incidents
- Be the Cloud Security SME for Cloud Engineers and its partners in any IaaS/PaaS and SaaS implementation
- Work closely with other teams such as Information Security, Software development and Product to access risks, cloud controls and remediation in the cloud environment
Requirements:
- Bachelors or master's degree in computer science, cybersecurity, or other related degrees
- 6+ years of security related experience
- Mastery with network-based and system-level attacks and mitigation methods
- Strong working knowledge in web application security
- Strong knowledge in the cloud environment AWS and AZURE
- Strong programming/scripting experience with Python, Bash, Perl, PowerShell, etc.
- Strong automation and infrastructure as code experience in Jenkins, Terraform, Puppet, Chef, Cloud Formation, Ansible, etc.
- Knowledge of security control environments and compliance frameworks like ISO27001, ISO27017, NIST, CSA and CCM
Preferred Qualifications/Certifications (nice to have):
- CCSP - Certified Cloud Security Professional
- AWS Certified Security Specialty / Cloud practitioner
- Azure Certified
- CISSP - Certified Information Systems Security Professional
- CISSMP - Certified Information Security Management Professional
- CCSK - Certified Cloud Security Knowledge
- CEH - Certified Ethical Hacker