Senior Cloud Security Engineer - AWS

NTF  •  Boston, MA

5 - 7 years experience  •  Security

$154K - $176K ($140K - $160K base + 10%, yes)
Posted on 10/19/17 by Jeffrey Dellinger
NTF
Boston, MA
5 - 7 years experience
Security
$154K - $176K
($140K - $160K base + 10%, yes)
Posted on 10/19/17 Jeffrey Dellinger

Excellent product and services company with solid growth opportunity. Must be local to the Boston Metro Area. 

The Senior Cloud Security Engineer is responsible for the advanced planning, development, implementation, and operational mgmt. of company's network and securityinfrastructure to ensure a reliable, responsive, and secure environment.

Responsible for the design, implementation, management, and monitoring of the securityinfrastructure and processes as well as leading efforts around vulnerability management, incident and event management, and working with various technologies to secure dynamic and growing environments. Application of securitytechnologies, ISO, NIST, and HIPPA-based security controls and industry best practices in a GxP environment.

Responsibilities:

Tactical

  • Enhance threat intelligence and assess applicability of reports
  • Perform internal securityaudits; assess, prioritize, and respond to findings
  • Review logs, correlate events, and investigate anomalous activity
  • Implement/enhance reporting to ensure comprehensive visibility of issues
  • Respond to incidents; partner withother teams as needed to resolve
  • Drive improvements to design and operational effectiveness of security controls
  • Maintain current standard operating procedures, controls documentation, and configuration management
  • Maintain detailed documentation of networksecurity solutions and technical security standards
  • Review and execute support, change, and policy tickets
  • Review external assessment reports; assess, prioritize, and respond to findings
  • Collaborate with Cloud Operations to manage existing security controls and change management

Strategic

  • Provide networksecurity expertise and guidance around security issues and recommend solutions to mitigate and eliminate risk to Companies information assets
  • Contribute to the development and enhancement of policies, standards, procedures, guidelines, and controls
  • Align initiatives with ISO 27001 and other industry standards
  • Review security capabilities and proactively work to identify and implement new capabilities
  • Evaluate and recommend new and emerging security products and technologies

Requirements:

  • Bachelor's degree in Computer Science, Information Systems Security, Business Administration or related field
  • Minimum 6-8+ year's relevant experience with a proven record of success
  • A minimum of 6 years of experience securing Linux (CentOS/RHEL) systems
  • Expert knowledge with security concepts and technologies including:
  • Layer 3 and Layer 7 Firewalls
  • IDS/IPS, FIM
  • VPNs, IPSEC, SSL/TLS
  • Networksecurity monitoring & traffic analysis
  • Data Loss Prevention
  • SIEM
  • Two-factor authentication standards and technologies
  • Federated authentication standards and technologies
  • DDoS and othersecurity vulnerabilities and risk mitigation strategies
  • Sound understanding and hands-on experience with AWS security best practices and services including:
  • AWS VPC, security groups, and WAF
  • IAM, KMS, and CloudHSM
  • CloudFormation, Config, and Inspector
  • CloudTrail
  • Trusted Advisor
  • Experience with open source tools for security management, monitoring, and analytics
  • Excellent analytical, reasoning, and problem-solving skills with good knowledge of tools and techniques for anticipating, recognizing, and resolving technical problems
  • Experience with networkarchitecture methodologies, standards, and tools
  • Experience with the application of threat modeling or otherrisk identification techniques
  • Excellent verbal and written communication skills, including executive-level presentations
  • Detailed knowledge of system security vulnerabilities and remediation techniques

Preferred

  • CISSP, CEH, SANS Security, and other industry and vendor-specific security certifications
  • Experience securing Windows systems

Not the right job?
Join Ladders to find it.
With a free Ladders account, you can find the best jobs for you and be found by over 20,0000 recruiters.