Job Overview

We are seeking a highly skilled and motivatedSenior Cloud Security Engineer to join our cybersecurity team, with a focus on guiding cloud security strategy and implementation in a dynamic "DevSecOps" environment. In this role, you will be responsible for setting the vision and ensuring the security of all cloud services implementations through both technical leadership and hands-on engineering. The ideal candidate will possess excellent communication and leadership skills, and demonstrate extensive experience in AWS cloud security—including cloud-native security controls, integration and automation, and stakeholder management.

You will have a strong background in AWS cloud security and an in-depth understanding of many common native AWS security services and controls, adept at building integrations with common AWS services through API frameworks and Platform Automation Development.

Responsibilities:

• Drive, implement, contribute and support/operate AWS cloud cybersecurity strategy for Arrowstreet.

• Leveraging automations; design, drive, deliver and operate cybersecurity controls necessary for each new cloud services that will be deployed within our cloud tenants.

• Continuous assessment of our cybersecurity risk posture and implement/operate necessary improvements.

• Collaborate with AWS account executives to align their cloud solutions and recommendations with Arrowstreet’s business goals, security standards, and technology roadmap.

• Collaborative approach with network engineering, systems engineering and cloud engineering teams to integrate security with AWS cloud designs, initiatives and controls and other platforms or workflows that ultimately support cloud workloads.

• Provides exceptional AWS cybersecurity expertise at a very technical level focused on design, engineering and operational support towards the successful delivery of services.

• Participate in deep cloud architectural discussions and drive topics, directions and problem-solving outcomes to ensure solutions are designed for successful security controls and visibility.

• Educate and coach project team members, sponsors, and functional leaders on cloud cybersecurity aspects and outcomes, influence change/direction as needed.

• Facilitate and advance high level strategic decision making through detailed analysis and technical justifications.

• Recommend new or provide enhancements of existing cybersecurity tooling and services within cloud environments.

• Partake in a team rotation of CSIRT responsibilities.

Qualifications:

• Proven record of similar experience of securing AWS cloud tenants using both cloud native, open source and commercial based security solutions.

• Strong experience with these AWS Security tools/concepts: SCP, KMS, GuardDuty, SecurityHub, IAM and Condition, VPCE and VPCE policies, Macie, Inspector.

• Strong CloudFormation and Python knowledge with Boto3 library and others.

• Experience with securing Containers, Kubernetes stacks, Pipelines (SDLC).

• Experience with endpoint detection and response implementations.

• Experience with runtime detection and prevention capabilities.

• Experience with vulnerability management for cloud workloads and how to operate them.

• Passion for technology, a willingness to learn new skills and the ability to evangelize

• Self-motivated and self-directed, ability to translate technical direction into functional solutions

• Ability to work effectively, managing multiple priorities while collaborating with cross-functional teams

• Proven ability to investigate complex issues spanning multiple technologies and drive to completion

• Understanding of micro-system environments is an added plus; EKS, ECS etc.

• Excellent written, oral, and presentation skills, with the ability to explain technical concepts to non-technical senior stakeholders and drive organizational alignment.

• Degree in Computer Science or related field

Nice to have

• Terraform or similar framework automation is an added plus.

• Routing and switching / networking experience is an added plus.

• Terraform or similar framework automation is an added plus.

• Routing and switching / networking experience is an added plus.

The base salary range for this position is $110,000 to $315,000 per year.