Senior Cloud Security Engineer

Our company:

    We are seeking a highly skilled Senior Cloud Security Specialist to join our team. The selected candidate will play a critical role in building and fostering a security-focused culture within our organization. They will be responsible for identifying, quantifying, and managing technology risks affecting the business, with a particular focus on cloud security. The candidate will serve as a subject matter expert for IT Risk and Cyber domains, collaborating with cross-functional teams to ensure security, risk, and compliance objectives are met. Additionally, they will provide guidance on security best practices for application architectures and cloud platforms.


What we are looking from an ideal candidate?

    • Cultivate a security-focused culture through collaboration with business and technology teams.
    • Identify, quantify, and manage technology risks impacting the business, providing recommendations for resolution.
    • Proactively monitor Key Risk Indicators to identify non-compliance and assist in remediation.
    • Serve as a point of escalation and subject matter expert for IT Risk and Cyber domains.
    • Collaborate on firm-mandated audits and perform required reviews associated with the audit.
    • Review Identity and Access Management (IAM) control standards and perform access reviews.
    • Ensure security of designs and blueprints for application architectures and cloud platforms.
    • Act as the cloud-security and compliance subject matter expert for the supported teams.

Preferred Skills:

What skills do you need?

    Required Skills:

    • Cloud Security: Proficiency in securing cloud environments.
    • Enterprise Security Tools: Hands-on experience with tools such as Qualys, Crowdstrike.
    • Azure Cloud Security Tools: Strong knowledge of Azure security resources (Azure policies, Blueprints, Microsoft Defender, KeyVault, Application Gateway, WAF, Log Analytics, etc.).
    • CIS Policies and SIEM Experience: Understanding of CIS benchmarks and experience with Security Information and Event Management (SIEM).
    • Application Security: Deep understanding of application security principles.
    • Network Security Technology: Knowledge of network security technologies like firewalls, Web Application Firewalls (WAFs), Web Gateways, and Intrusion Prevention Systems (IPS).
    • Infrastructure Security (On-Prem): Understanding of on-premises infrastructure security (Good to Have).
    • Identity & Access Management (IAM): Expertise in identity and access management solutions such as Active Directory, Azure AD, LDAP, SSO, and MFA.
    • Secure Software Development Life Cycle (SSDLC): Familiarity with code reviews, threat modeling, and dynamic application scanning.

    Qualifications:

    • 6+ years of experience, with a minimum of 5-6 years in cloud security.
    • Hands-on experience securing public cloud workloads in a hybrid, corporate environment.
    • Practical understanding of Agile, ITIL, monitoring, and metrics.
    • Solid knowledge of security and regulatory compliance standards and frameworks.
    • Ability to analyze security data using a mathematical or statistical approach.

     

    If you fit the description, do not hesitate to submit your resume at jobs@techvantagesystems.com. This is the job for you! - See you soon at Techvantage!