Cloud Security Engineer II

Published
March 25, 2021
Location
Tallahassee, FL
Category
Job Type

Description

Cloud Security Engineer II

The Cloud Security Engineer will be responsible for providing technical advisory and direction to engineers supporting the design, implementation, and continual operation of security tools and services. As an expert of translating business requirements and functional specifications, they will direct and implement robust enterprise security solutions to ensure strong protection of information assets. This person will successfully facilitate monitoring, testing, and the evaluation of security assessments of systems while designing and leading the implementation of remediation solutions.

They must have advanced knowledge of security best practices and tools involving IAM and digital certificate management systems across a large enterprise. This is a Technical Lead for project teams, establishing and maintaining programs to enable business operations compliant with regulatory industry standards.

GENERAL DUTIES & RESPONSIBILITIES:

  • Act as technical SME, guiding teams throughout implementation and management of InfoSec solutions – will define and oversee documentation of detailed standards (guidelines, processes, and procedures).
  • Continually educate others on current architectural guidelines and standards, driving efficiency through the design and implementation of InfoSec solutions.
  • Participate in monitoring security systems, log reviews, and managing information security systems.
  • Analyze system vulnerability scans, penetration tests and risk assessments; partner with business units to resolve identified vulnerabilities within established SLAs.
  • Create and lead internal and external penetration validation testing, ensuring computer systems are updated relative to all OS, patches, and virus protection software.
  • Facilitate effective collaboration with other technology teams including Engineering to design and implement remediation solutions.
  • Identify, report, and lead technical support activities during incidents as part of Incident Response team.
  • Lead technical evaluation of new security technologies, addressing current and future needs based on emerging threats and industry trends.
  • Remain updated on exploits relevant to this specific industry/environment; research preventative measures.
  • Solves complex cross-functional architecture/design and business problems; solutions are extensible; works to simplify, optimize, remove bottlenecks, etc.
  • Mentors and advises others and make recommendations to Business and Technology leadership to ensure alignment of infrastructure applications and data with current and future security standards.
  • As needed, respond to escalated enterprise systems security issues, facilitating advanced diagnosis.
  • Help oversee implementation of hardware/software changes in environments to ensure requirements are met.
  • Provide input for security breach response procedures, as well as lead security breach response activities.
  • Escalate problems to senior management/vendors as needed, leading break/fix activities.
  • Reduce risk and exposure of applications by analyzing security tool output and identifying remediations.
  • Complete complex custom enhancements to applications using secure coding techniques, reducing the threat of local or remote vulnerabilities.
  • Evaluate applications (including Kubernetes, Containers, Infrastructure, & host platform) to identify threats

EDUCATION / WORK REQUIREMENTS:

  • Act as technical SME, guiding teams throughout implementation and management of InfoSec solutions – will define and oversee documentation of detailed standards (guidelines, processes, and procedures).
  • Continually educate others on current architectural guidelines and standards, driving efficiency through the design and implementation of InfoSec solutions.
  • Participate in monitoring security systems, log reviews, and managing information security systems.
  • Analyze system vulnerability scans, penetration tests and risk assessments; partner with business units to resolve identified vulnerabilities within established SLAs.
  • Create and lead internal and external penetration validation testing, ensuring computer systems are updated relative to all OS, patches, and virus protection software.
  • Facilitate effective collaboration with other technology teams including Engineering to design and implement remediation solutions.
  • Identify, report, and lead technical support activities during incidents as part of Incident Response team.
  • Lead technical evaluation of new security technologies, addressing current and future needs based on emerging threats and industry trends.
  • Remain updated on exploits relevant to this specific industry/environment; research preventative measures.
  • Solves complex cross-functional architecture/design and business problems; solutions are extensible; works to simplify, optimize, remove bottlenecks, etc.
  • Mentors and advises others and make recommendations to Business and Technology leadership to ensure alignment of infrastructure applications and data with current and future security standards.
  • As needed, respond to escalated enterprise systems security issues, facilitating advanced diagnosis.
  • Help oversee implementation of hardware/software changes in environments to ensure requirements are met.
  • Provide input for security breach response procedures, as well as lead security breach response activities.
  • Escalate problems to senior management/vendors as needed, leading break/fix activities.
  • Reduce risk and exposure of applications by analyzing security tool output and identifying remediations.
  • Complete complex custom enhancements to applications using secure coding techniques, reducing the threat of local or remote vulnerabilities.
  • Evaluate applications (including Kubernetes, Containers, Infrastructure, & host platform) to identify threats

PREFERRED QUALIFICATIONS:

  • Strong background writing technical documentation.
  •  Proven ability and experience leading teams, with or without direct reports.
  • Strong knowledge of ITIL framework.
  • Experience with Continuous Integration/Continuous Deployment (CI/CD) tools.
  • Relevant InfoSec Certifications: CCSP, CISSP, CISM, CRISC, CISA, OSCP, GPEN, or Cloud Security certifications such as GCP Professional Cloud Architect, GCP Professional Cloud Security Engineer, and/or AWS and Azure certs

Cloud Security Engineer II  

Intermediate professional role. Moderate skills with high level of proficiency. Develops and implements solutions that require analysis and research. Works on small to large, complex projects that require increased skill in multiple technical environments. Possesses knowledge in a specific business area. Works on one or more projects as a team member or occasionally as a project lead. May coach more junior technical staff. Works under general supervision with latitude for independent judgment. May consult with senior peers on certain projects. Typically requires three (3) or more years of experience. Typically reports to an IT Security Manager. 

EEO Employer

Work from Home, United States

Apply
Drop files here browse files ...

Related Jobs

Instructional Designer I/II/III   Atlanta, GA new
April 15, 2021
April 15, 2021
April 15, 2021
April 15, 2021

Author: