Cloud Security Engineer

Blackbaud, Inc.   •  

Charleston, SC

Industry: IT Consulting/Services


11 - 15 years

Posted 396 days ago

This job is no longer available.

The Cloud Security Engineer (CSE) is responsible for ensuring that the implementation of security tool sets to support the business meets security and compliance mandates as the company moves to the cloud. The CSE partners with security architects and analysts to build security solutions that lowers risk to the company and operates as designed. They are experts in specific tool sets to support on premise solutions as well as cloud.

Responsibilities and requirements include:

  • Maintain security solutions including proper operation, patch upgrades and vendor management
  • Provides engineering oversight and direction for specific securitytechnology
  • Review existing toolsets, identify operational gaps, and recommends security enhancements
  • Assist in achieving securityarchitecture compliance on requirements, including: Sarbanes-Oxley, Payment Card Industry standards, HIPAA/HITECH, global data privacy requirements, as well as state and federal regulations
  • Serves as information security subject matter expert on security solutions; provide advisory and consulting services as needed
  • Identifies, evaluates, conducts, schedules and leads individual technical analyses functions to ensure all applicable IS security requirements are met
  • Monitors infrastructure design so that security toolsets are operating effectively
  • Provides technical lead on individual security projects across multiple technologies including infrastructure, secure electronic data transfer, networksecurity, platform security and application security
  • Provides expert opinion on business solutions and software prior to purchase
  • Supports the security architect in creating and maintaining the company's security design
  • Investigate opportunities to updatesecurity system capabilities to sustain and enhance network and system security integrity
  • College degree in Computer Information Systems, Computer Science, Information Systems Management, or equivalent professional experience
  • A minimum of ten (7) years (in excess of degree requirements stated above) of progressively responsibleexperience in the management of cybersecurity systems with at least seven (5) years of formal experience in information security.
  • Certification in highly technical information security disciplines such as: CISM, CISSP, CCSP, CCNP, CCDE, CCIE Security, and GIAC

The Cloud Security Engineer should possess expert knowledge of the following concepts, skills and technologies:

  • Defense in Depth principles and technology including access/control, authorization, Identification and authentication, public key infrastructure, network, and end point protection
  • Demonstrated experienceapplying securityrisk assessment methodology in support of system development, including threat model development, vulnerability assessments, and resulting securityrisk analysis
  • Demonstrated proven track record of communicating and working proactively and professionally with internal and external auditors and other groups responsible for ensuring that the company is properly protecting the interests of its customers, shareholders, and employees
  • Understanding of network protocols, data flow analysis, and network design and troubleshooting
  • Business needs with the ability to establish and maintain a high-level of customer trust and confidence in the security team
  • Project management skills
  • Application systems, networkarchitecture, multiple platforms and new technologies from a security perspective to include, but not limited to, Firewalls; Intrusion Detection/Prevention Systems; Operating Systems (UNIX, Windows); Networking (switches, routers, protocols, etc.); Network Services and Security Vulnerabilities; NetworkArchitecture; Remote Access; Multi-factor Authentication; Platform Security (Application, Database, OS); Antivirus; Federated Identity Management; Cryptography; Active Directory
  • System and network exploitation, attack pathologies and intrusion techniques (such as denial of service, syn attacks, malicious code, password cracking, etc)
  • Engineering, securing, implementing, and managing security solutions