Senior Cloud Security Engineer

About The Position

Requirements

• 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education.
• 1+ year of deep Prisms Cloud Enterprise experience, or experience with a similar Cloud Security Posture Management/Workload Protection tool such as Wiz or Aqua Security.
• 1+ year experience creating Prisma Cloud Enterprise custom policies via RQL, or experience with policy development for a similar Cloud Security Posture Management tool.
• 1+ year experience with scripting/automation languages such as Terraform, Python and/or PowerShell.
• 2+ years of Experience with and strong understanding of Azure and Google public cloud PaaS - platforms, services, configurations, workloads and hardening practices.
• 1+ year experience working with key industry frameworks/benchmarks/standards, such as: COBIT, Cloud Security Alliance (CSA), FedRAMP, FFIEC, NIST, CIS, etc.
• 1+ year experience with Atlassian suite of products (e.g., Confluence, Jira).
• 1+ year experience working on teams practicing Agile Scrum or Kanban methodologies.
• 2+ years experience with MS Word, Excel, Visio, PowerPoint, Outlook and Teams.

Nice To Haves

• Proven ability to work independently, as well as having strong interpersonal skills to work effectively within a Team and with partners.
• Critical thinking skills, consistent attention to detail, and ability to meet deadlines amidst competing priorities.
• Strong verbal and written communication skills.
• 2+ years of Kubernetes experience.
• Knowledge and understanding of Splunk Cloud.
• Hands-on technical experience w/ the build-out of Landing Zones and setup/configuration of Azure and Google public cloud PaaS platforms and services.
• Experience with creation of Build policy subtype in Prisma Cloud Enterprise using YAML.
• Experience enabling auto-remediation via Prisma Cloud.
• Experience with API driven automation of policy creation.
• Experience with IAM & Data Protection expertise for monitoring and responding to related incidents.
• Experience with Infrastructure as Code (IaC) and/or Policy as Code (PaC) concepts/tools.
• Experience with change and incident management practices in medium to large enterprise environments.

Responsibilities

• Utilize industry leading security solutions and best practices to achieve cloud resource/platform/service/application related integrity, confidentiality, risk management, threat identification, security monitoring/remediation and incident response.
• Perform engineering work related to the technical enablement for Cloud Security Posture Management.
• Scripting/automation and other engineering tasks related to the posture management aspects of Prisma Cloud Enterprise.
• Work on integration of Prisma Cloud to other systems such as Splunk Cloud.
• Execute design/engineering/testing of Prisma Cloud RQL queries that implement detective policies for monitoring cloud resource misconfiguration/configuration drift and/or container security scanning for vulnerabilities and security compliance.
• Transform Information Security requirements into Prisma Cloud Enterprise policies - both net new policy 'creation'/development, as well as policy modifications/update.
• Perform engineering level positive and negative testing of Prisma Cloud RQL policy code, along with assisting with maintain our dedicated testing environment, leveraging Terraform automation for cloud service instantiation and configuration to support policy test execution.
• Track or remediate vulnerabilities and security issues.
• Review and correlate security logs.
• Be a motivated self-starter, quick to adapt while staying focused on delivering results in a fast-paced environment with aggressive deadlines.
• Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals.
• Deliver clear, concise, and actionable communication to various levels of organization on a timely basis to ensure effective understanding, decision-making, and execution.
• Working effectively with a virtual Team consisting of members across various locations in the U.S. and India.

Benefits

• Health benefits
• 401(k) Plan
• Paid time off
• Disability benefits
• Life insurance, critical illness insurance, and accident insurance
• Parental leave
• Critical caregiving leave
• Discounts and savings
• Commuter benefits
• Tuition reimbursement
• Scholarships for dependent children
• Adoption reimbursement