Cloud Security Engineer

The role is responsible for delivering and managing cloud security and endpoint security services, assessing policies and rules, safeguarding SaaS applications, data and endpoints. You'll collaborate with colleagues supporting network and architecture assessment, threat modeling, vulnerability assessment, and security operations. This position supports the Enterprise Security Transformation practice and is focused on engineering secure methods of utilizing cloud infrastructure services and software to improve the overall security posture. Cloud security engineers may instruct other teams on proper coding methods. They may also investigate, create, and recommend innovative technologies or other methods that will enhance the security of cloud-based environments.

Roles and Responsibilities

• Protects system by defining access privileges, control structures, and resources.
• Safeguards information system assets by identifying and solving potential and actual security problems.
• Recognizes problems by identifying abnormalities; reporting violations.
• Determines security violations and inefficiencies by conducting periodic audits.
• Consolidate root cause analysis of past pentest results.
• Upgrades system by implementing and maintaining security controls.
• Require periodic after-hours/weekend support.
• Any other duties assigned by the Team Lead/Solution Architect.

Requirements

• 3 years experience in AWS Cloud Security, Security Hub, Guard Duty, Inspector, etc.
• Strong understanding of SSDLC and security frameworks.
• Knowledge in OWASP Security Standards.
• In-depth knowledge of architecture, engineering, and operations of at least one enterprise IDS/IPS/SIEM platform.
• Hands on experience with vulnerability scanning and pentesting tools.
• Hands-on experience analyzing high volumes of logs, network data (e.g. Netflow, FPC), and other attack artifacts in support of incident investigations.
• Experience with identity and access management architectures and solutions including AD, RBAC, SSO, identity lifecycle management.
• Experience in IAM, secrets management, encryption technologies, SaaS services hardening, Kubernetes and container security
• Experience with Linux administration, shell scripting, and open-source security tools.
• Knowledge of security best practices in hardening and protecting cloud environments, networks, servers, endpoints, applications, and databases.
• Certifications in OSCP / CISSP / SANS / Other relevant security certifications.
• Excellent interpersonal skills, team player and independent worker.
• Ability to operate in a fast-paced work environment and deliver under pressure.
• AWS certification will be an added advantage.