Cybersecurity Specialist 3

BizTek People, Inc. | APA International Placement Consultants•Milwaukie, OR

About The Position

seeking a Cloud Security Engineer to support cloud security initiatives and ongoing cybersecurity programs. This role will focus on securing Azure environments, automating security processes, and supporting enterprise security monitoring. Scope The scope includes working with members of the IT&S (Information Technology and Services) Department to: - Reduce fragmentation across multiple remote access tools, creating consistent controls, deduplicating capabilities, and reducing operational complexity -- Configure Azure Cloud Application Security Broker (CASB) -- Evaluate and secure other access methods in the context of CASB -- Review vulnerabilities, triage issues, and partner with technology and business teams to drive remediation -- Ensure secure design, deployment, and documentation for applications and services -- Collaborate with other technology teams and business units on secure remote access practices - Extend automation capabilities to define, prioritize, and develop standardized incident response activities -- Configure Azure score manager to track historical score data -- Automate log collection from new Azure subscriptions -- Normalize Event Hub log collection -- Automate baseline security configuration and utility deployment using Ansible - Scripting KPI and metrics collection and presentation - Develop new integrations and vulnerability related alerts in Splunk Deliverables - Documentation -- Architectural Review Board (ARB) -- Technical Review Board (TRB) -- Change Management Review Board (CMRB) -- Change Advisory Board (CAB) -- Other documentation as required (e.g., for audits and inspections, updates to standards and procedures, etc.) - Consult with project team and other stakeholders, e.g., IT practitioners, the Cybersecurity and Compliance teams, Enterprise Architecture, Applications, Infrastructure, Network, Database, OCM, etc. during testing and implementation.

Requirements

4+ years of practical application security experience.
2+ years of practical information security experience.
Practical experience using Security Information and Event Management (SIEM) tools to sort, analyze, view, and report on data.
Knowledge of technology protocols and security concepts.
Experience working in a remote, cross functional team, with the ability to drive the scope of work.
Ability to lead work effort with little day to day supervision. Ability to work through ambiguity and escalate issues to maintain project momentum.
Excellent interpersonal skills, including collaboration, facilitation, and negotiation.

Nice To Haves

Industry cybersecurity and technology certifications are a plus.
Experience working in a regulated utility environment is a plus.

Responsibilities

Configure Azure Cloud Application Security Broker (CASB)
Evaluate and secure other access methods in the context of CASB
Review vulnerabilities, triage issues, and partner with technology and business teams to drive remediation
Ensure secure design, deployment, and documentation for applications and services
Collaborate with other technology teams and business units on secure remote access practices
Configure Azure score manager to track historical score data
Automate log collection from new Azure subscriptions
Normalize Event Hub log collection
Automate baseline security configuration and utility deployment using Ansible
Scripting KPI and metrics collection and presentation
Develop new integrations and vulnerability related alerts in Splunk
Documentation for Architectural Review Board (ARB)
Documentation for Technical Review Board (TRB)
Documentation for Change Management Review Board (CMRB)
Documentation for Change Advisory Board (CAB)
Other documentation as required (e.g., for audits and inspections, updates to standards and procedures, etc.)
Consult with project team and other stakeholders, e.g., IT practitioners, the Cybersecurity and Compliance teams, Enterprise Architecture, Applications, Infrastructure, Network, Database, OCM, etc. during testing and implementation.