At VyStar, we offer competitive pay, an excellent benefit package that includes a 401(k) Plan, an extensive paid technical and on-the-job training program, and tuition reimbursement--available to all full and part time employees. Part time positions start at a minimum of 30 hours per week.
We encourage you to become a part of VyStar Credit Union's family of employees.
Cloud Security Engineer IIACCOUNTABILITY STATEMENT
The Cloud Security Engineer II assists in the design and implementation of key layers of security infrastructure as related to industry best practices to protect VyStar’s cloud presence using a multi-layered security philosophy.
Provide technical management of cloud security technologies across the VyStar enterprise and cloud presence. This requires business partnering and communications, planning, metrics, reporting and hands-on execution. The position is a technical role responsible for the design and implementation of VyStar’s cloud security systems.
Work closely with the Information Security Team to promote a strong sense of teamwork and an enterprise-wide proactive risk mitigation approach.ESSENTIAL JOB FUNCTIONS
- Drive Office 365 and Azure to ensure security standards and best practices are applied and followed.
- Review current environment, including migrations and identify recommendations and remediations as needed.
- Responsible for security operations and compliance for all email and content management systems within Office 365.
- Drive solutions, upgrades and dashboards related to O365 and Azure security vulnerabilities.
- Drive adoption and management of O365 Security and Compliance center to better manage records according to established schedules and data loss protection policies.
- Acts as an information security subject matter resource on projects and coordinates with other departments throughout VyStar to ensure security is considered throughout the enterprise.
- Work with project managers and members of various project teams to ensure security requirements are designed into projects.
- Lead small and midsize projects from design through the implementation phase.
- Engage business partners to understand requirements and ensure compliance with VyStar’s Information Security Standards.
- Collaborate with Information Security Management and Security Engineers on the architecture, design and implementation of new security infrastructure, standards and solutions to protect VyStar’s Cloud assets.
- Assist the Security Engineers in the design and implementation of key layers of information security as well as supporting, updating and monitoring the security infrastructure.
- Review and approve configuration changes, software patches and signature updates related to information security systems throughout the enterprise.
- Provide back-up and support to the Information Security Team.
- Follow strict change control processes.
- Assist Security Engineers in monitoring and reporting on key metrics for enterprise security reliability, change issues, and enterprise security posture.
- Maintains accurate documentation of Information Security systems and devices, continually accounting for rule changes, policy updates, patches, etc.
- Assist Information Security Team on implementing the SANS 20 Critical Controls.
- Assist the Security Analysts and IT teams with vulnerability remediation and validation.
- Ability to function effectively within a team as well as a willingness to guide and mentor others is essential.
- Act as an effective back-up for Security Engineer responsibilities.
- Participate in on-call rotation.
VyStar Excellence Behaviors: Demonstrate each of the following VyStar Excellence behaviors in performing the duties and responsibilities of the job.
- Focus - Focus your full attention by carefully listening to and observing your client or member.
- Connect - Consistently be friendly and approachable. Demonstrate you care.
- Understand - Listen empathetically and ask questions. (70%/30%)
- Counsel - Recommend solutions based on your client’s or member’s needs and objectives.
- Advance - Ensure that member's expectations were exceeded. Verify necessary follow-up action.
Values and Goals: Exhibit the Values of VyStar in all activities and support our key goals.
- Integrity, Trust, Respect, Caring, Courage, Dedication, Loyalty
- Quality Service is our Most Important Goal.
- Employees are our Most Important Asset.
Bachelor’s Degree in Information Technology, Cybersecurity, Computer Science, or related degree preferred. Education requirements may be substituted as follows: Two (2) years of work-related experience for each one (1) year of post high school education.
A professional certification in Microsoft Azure or Office 365, such as, Azure Security Engineer Associate, Security Administrator Associate is required. Obtain necessary continuing professional education hours to retain professional certification(s) and continuously build individual knowledge.
- 5+ years of experience with engineering and administering IT systems or networks
- 3+ years of experience with supporting Azure and Office 365
- Strong understanding of security design related to Microsoft Azure and Office 365.
- Solid understanding of network protocols, ports, and services.
- Strong analytical and problem-solving skills.
- High level of ethical integrity, with the ability to maintain confidential and sensitive information appropriately.
- Experience with Office 365 Advanced Threat Protection and E5 security tool set.
- Specific hands on experience working with Microsoft Azure and O365 cloud services such as Intune, MCAS, Teams, Exchange Online Protection, Defender ATP, Identity Management, Conditional Access, Federation, and Azure MFA.
- Good working knowledge of core Azure IAM technologies including ADFS, Azure AD, Conditional Access, MFA, RBAC models and Azure Policy & Blueprints for major Azure Services.
- Experience in a mid-size to large infrastructure consisting of a significant number of servers and users.
- Ability to utilize best practices for Cloud Services hardening standards.
- Ability to clearly and effectively communicate concerns, issues and research to other teams.
- Strong written and verbal communication skills.
- Experience in developing, documenting and maintaining security procedures.