Sr. Cloud Security Engineer (Azure)
Location: Rockville, Maryland - Remote
Employment Type: Permanent
Job ID: 15146
Date Added: 05/15/2023
Our Senior Cloud Security Engineer, within the Cloud Security group, ensures proper configuration standards are met and sustained in compliance with security policy, procedures, standards, and industry requirements/best practices.
You will have the opportunity to implement and maintain security controls including CSPM, CWP, CASB, next generation firewalls, container security and automated compliance tools. Additionally, you will get to perform cybersecurity monitoring of company cloud environments, ensuring proper monitoring coverage that correlates with internal security operations and processes. To be successful in this role, you should have a proven understanding of the CSA Cloud Controls Matrix as well as other security standards and regulations such as NIST, ISO, PCI. You will also want to have a deep understanding of cloud platforms such as Amazon Web Services (AWS), Microsoft Azure.
- Implement, monitor, and support security software/systems that will help ensure compliance with CSA Cloud Controls Matrix in cloud environment
- Make recommendations to management on enhancements to existing and new security software or related tools
- Assist in evaluating, planning and implementation of new/existing security applications/tools that integrate with current toolsets
- Help implement and maintain next-generation enterprise control tools and detection technologies
- Ensure security standard methodologies are identified and integrated into all facets of projects including network, system designs/configuration, and implementations
- Identify and recommend potential areas where existing data security policies and procedures require change, or where a supplement is required to mitigate key security risks
- Partner with various business units to enhance security policies/procedures
- Create and maintain security documentation, policies, and procedures
- Direct hands-on experience designing and implementing security with AWS for both IaaS and PaaS offerings
- Bachelor’s degree or equivalent work experience required
- Five years of enterprise cloud (IaaS, PaaS, SaaS) experience, IT cloud security experience preferred
- Cloud certifications, such as CCSP, AWS CSA, Microsoft’s Azure Solutions Architect is preferred
- Experience with cloud security posture management (CSPM) and cloud workload protection (CWP) tools, such as Microsoft Defender for Cloud, AWS Security Hub / Config.
- In-depth understanding of Azure Policy and/or AWS Service Control Policies
- Deep knowledge regarding cloud networking, such as routing, traffic filtering (firewalls), load balancing, etc
- Experience with cloud hosted container security.
- Experience with DevOps and CI/CD tooling
- Experience in hardening AWS/Azure services.
- Strong ability to critical think and solve problems
- Develop cloud security strategy with a focus on compliance.
- Advise stakeholders and translate business requirements into secure, scalable, and reliable cloud solutions
- Complete hardening guideline reviews and assessments with developers, operations, and infrastructure teams
- Partner with system engineering / DevOps to assess and reduce cloud security risks.
- Assist with documentation of organizational cloud security standards, processes, and governance model
- Knowledgeable with CSA CCM security framework and CIS Benchmarks for Cloud
- Knowledge of host hardening, auditing, logging, monitoring, network security, and anomaly detections
- Understanding of industry trends for cybersecurity risk & threat intelligence, and governance
- Assist with implementation and improvements of Cloud Security operational capabilities within existing organizational support structure