Senior Cloud Security Engineer

About The Position

Requirements

• B. A. or B.S. (or higher-level degree) in Computer Science or a similar engineering program with strong academic performance preferred.
• 7+ years of Cloud Information Security experience, with a focus on public cloud providers such as AWS, GCP, and Azure.
• AWS Security, CISSP, CISA, OSCP or other information security certification.
• Security certifications such as Cisco CCNP Security, AWS Security, CISSP, CISA, OSCP are a plus.
• Experience in performing security reviews of cloud application designs, source code and deployments.
• Must have knowledge and stay up to date on the latest cloud security advisories, alerts and vulnerabilities.
• Strong verbal and written communication skills for a highly collaborative environment.
• Rigorous attention to detail and focus on quality of deliverables.
• Expertise in AWS services like EC2 & ECS, WAF & VPC configuration & IAM rules, and cloud security platforms such as CNAPP, CSPM, CWPP, CASB, CIEM.
• Familiarity with Infrastructure as Code (IaC) tools like Terraform/CloudFormation.
• Comfortable with Python and able to read Java when necessary, with an emphasis on cloud security scripting and automation.
• Proven team experience and comfort in a team-oriented environment.

Nice To Haves

• Passion for working with cloud technology and excitement for creating high quality, secure consumer technology products.

Responsibilities

• Experience in cloud security or engineering in public cloud providers AWS, GCP and Azure.
• Experience with evaluating, reviewing, and deploying cloud native security tools in AWS and Azure.
• Hands-on experience with monitoring, configuring rules, and enforcement using cloud security platforms such as CNAPP, CSPM, CWPP, CASB and CIEM.
• Lead network security initiatives with a primary focus on Cisco technologies (FirePower, ASA, ISE, Umbrella, Stealthwatch).
• Utilize the Wiz tool for cloud security posture management, including configuration analysis, vulnerability detection, and compliance monitoring.
• Select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
• Determine, monitor and maintain our security posture, in collaboration with Engineering.
• Oversee and manage the deployment, integration and configuration of security solutions and of any enhancements to existing security solutions and the enterprise's security documents.
• Collaborate with development, operations, and security teams to integrate security into all phases of the software development lifecycle.
• Implement and manage security policies, firewall configurations, and network segmentation strategies.
• Oversee the deployment and security of F5 technologies and WAF at the edge.
• Develop and implement DDoS protection strategies.
• Recommend actions/practices to management in order to ensure compliance with security and regulatory requirements in decision-making processes.
• Suggest actions in order to mitigate risk in any activity that potentially impacts security of existing IT and information management.
• Craft responses to client and partner security questionnaires.
• Other duties as assigned.

Benefits

• Competitive pay and benefits inclusive of subsidized medical plan options.
• An HSA with generous company contribution.
• A 401(k) with employer match.
• Paid holidays, wellness time, and vacation increasing with tenure.
• Paid maternity and bonding leave.
• Company-paid disability and life insurance.
• FSAs, well-being resources and activities.
• Casual dress work environment.