Senior Cloud and Software Development Security Engineer

Walker & Dunlop-posted 2 months ago
$140,000 - $155,000/Yr
Full-time • Senior
11-50 employees
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

As a Senior Cloud and Software Development Security Engineer, you will play a critical role in securing the company’s cloud and application environments, including AWS, Azure, Kubernetes, and CI/CD pipelines. You will design and implement security architectures, embed 'security as code' practices, and guide developers on secure design patterns. Acting as an escalation point for complex security events, you will mentor teammates, advance security program maturity, and stay ahead of emerging threats. Your work will directly protect company assets, ensure compliance, and foster a culture of security by design.

  • Lead and manage security projects.
  • Assess, design, and document security solutions and processes for Amazon Web Service (AWS) and Azure.
  • Direct tasks and develop milestones for Information Security projects in support of Information Security goals in line with the Company's direction.
  • Work with software developers on secure best practices in Infrastructure as Code, cloud design patterns and CI/CD with built-in application security controls.
  • Work with key areas of business and IT to develop baseline network, cloud, container, and application security standards and integrate into the CI/CD pipeline.
  • Implement and automate 'security as code' using cloud services and CI/CD components as necessary.
  • Design security architecture, methods, and controls required to meet security, compliance, and audit requirements.
  • Develop, review, and update a library of technical documentation.
  • Develop metrics and provide regular reports to senior management.
  • Set requirements and direct managed security service providers (MSSPs) to ensure that they are appropriately managing the services to provide security to the company.
  • Perform regular security audits and automated compliance checks on AWS and Azure resources.
  • Collaborate with SRE and development teams to ensure secure coding, build, and deployment practices.
  • Work closely with DevOps, SREs, and developers to champion a 'security by design' culture.
  • Participate in security audits and formulate a plan of action and milestones to mitigate vulnerabilities.
  • Establish security baselines using best practices such as CIS benchmarks.
  • Work with other teams to test and implement security baselines into cloud environments.
  • Maintain thorough understanding of new developments and techniques in cybersecurity, privacy, and compliance.
  • Represent Information Security in disaster recovery procedures and exercises.
  • In the event of an outage, assist with the execution of corporate disaster recovery plan.
  • Log and update all security incidents in the company’s ticketing system and update management regularly on the threats, mitigation plans, and status.
  • Work within established configuration and change management policies to ensure awareness, approval, and success of changes introduced to the network and cloud infrastructure.
  • Establish processes to perform regular reviews of security configurations of cloud and software development environments.
  • Develop vulnerability management processes and manage the process to remediate the vulnerabilities.
  • Establish a process to escalate when vulnerabilities cannot be remediated in a timely manner.
  • Review security notifications from the company’s vendors to determine which vulnerabilities would cause an impact.
  • Assist in developing and enforcing data governance policies, data classification standards, and compliance workflows (e.g., GDPR, HIPAA, SOC 2).
  • Provide 24/7 on-call support for security incidents related to network systems and infrastructure.
  • Perform other duties as assigned.
  • Bachelor’s degree in computer science, information security, or related field, or equivalent professional experience.
  • 5+ years of experience in security engineering, DevSecOps, or cloud security.
  • Industry certifications (e.g., CISSP, CCSP, AWS/Azure Security Specialty) preferred.
  • Significant technical experience in AWS and Azure cloud computing technologies and automation (HashiCorp, Terraform, GitLab, JIRA, etc.).
  • Experience in DevOps environments working with and influencing developers to maintain security through CI/CD processes.
  • Proficient and up to date with Azure and AWS.
  • Hands on experience with Azure Resource Manager, AWS CloudTrail, AWS IAM, AWS Security Hub, AWS Control Tower.
  • Experience with the development, deployment, and automation of security solutions in an enterprise cloud-based environment.
  • Knowledge of network based, system level, and application layer attacks and mitigation methods.
  • Experience extracting pertinent security data from SIEM solutions, audit logs, and reports.
  • Knowledge of technical security control environments and compliance frameworks including NIST Cloud Security Frameworks, CSA CCM, ISO 27017.
  • Extensive knowledge of cloud environments including security, configuration, and management.
  • Possess strong analytical skills and an ability to identify complex issues.
  • Possess strong interpersonal, organizational, customer service, and communication skills and an ability to interact effectively with a wide range of users of varying levels of technological expertise.
  • Must have documentable knowledge of cloud architecture, networks, security, network planning, and analysis.
  • Demonstrated experience implementing security policies and procedures.
  • Must work well within a deadline-driven environment.
  • Ability to show ownership of your work, take on challenges and acknowledge growth opportunities, and demonstrate patience when learning new processes.
  • Courtesy, respect, and thoughtfulness in teaming with colleagues and other stakeholders.
  • Up to 83% subsidized medical payroll deductions
  • Competitive dental and vision benefits
  • 401(k) + match
  • Pre-tax transit and commuting benefits
  • A robust health and wellness program – earn cash rewards and gain access to resources that promote health, engagement, and balance
  • Paid maternity and parental leave, as well as other family paid leave programs
  • Company-paid life, short and long-term disability insurance
  • Health Savings Account and Healthcare and Dependent Care Flexible Spending
  • Career development opportunities
  • Empowerment and encouragement to give back – volunteer hours and donation matching
Track Jobs with Teal

Job Search Resources

AI Resume Builder
Senior Cloud Engineer Resume Examples
Senior Cloud Engineer Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service