Armor, Inc., the leader in Managed Detection and Response, is looking for a talented and highly motivated senior security engineer to join its Security Operations Department. The Senior Cloud Security Orchestration Engineer will be primarily responsible for the day-to-day orchestration and countermeasure development of AWS security technologies and services protecting Armor customers. This position will work closely with other teams within the Security Operations department to ensure that Armor’s dynamic security solutions protect against today’s and tomorrow’s threats.
Senior Cloud Security Orchestration Engineer Essential Duties and Responsibilities: (Additional duties may be assigned as required)
- Develop, deploy, and maintain countermeasures within AWS Security Services and Products based upon Threat Intelligence and Incident Response indicators to include (but not limited to):
  - Certificate Manager
  - Cloud Directory
  - Directory Service
  - Firewall Manager
  - Identity and Access Management (IAM)
  - Key Management Service
  - AWS Organizations
  - Secrets Manager
  - Single Sign-On
  - AWS WAF
- Develop, deploy, and maintain policy baselines and standards for Armor security technologies.
- Conduct efforts to drive current operations towards proactively mitigating the attacks of tomorrow through dynamic and forward-thinking processes.
- Work closely with Engineering/Development teams to automate the orchestration of policy baselines and dynamic/real-time changes.
- Aid in the strategy, design, and development of next-generation intelligence operations tool sets for the near real-time visualization of indications of compromise.
- Aid in compensating controls and mitigation of 0-Day and critical vulnerabilities as they are realized.
- Act as a key member of the Security Operations department, to include sales and marketing engagements.
- Monitor and enforce guidelines for best practices in security and compliance.
- Respond to inquiries, guide and advise customers on security best practices.
- Advanced understanding of AWS Security Services and Products.
- Advanced understanding of Layer 7 security technologies and policy management.
- Advanced understanding of Host-based security controls and the management of their policies.
- Advanced understanding of correlation, automation, and orchestration techniques, and the logic behind these systems.
- Critical thinker who can analyze complex, highly technical data and direct the actions of others to achieve the company’s security objectives.
- Detailed knowledge of current cybersecurity threats, trends, and risk mitigation techniques.
- Strong knowledge and operational experience in handling host and network-based incident response scenarios.
- Strong understanding of both Windows and Linux operating systems, as well as command line tools.
- Able to work both independently and with a team, prioritize tasks, and effectively manage time to ensure customer SLAs and expectations are met.
- Able to promptly respond to issues via email, telephone, messaging, and other ticketing systems.
- Self-motivated and detail-oriented.
- Highly skilled and/or educated in the area of Cloud Security, specifically AWS.
- Able to multi-task, prioritize, and resolve multiple inquiries at once.
- Excellent communication (oral and written), interpersonal, organizational, and presentation skills.
- Ability to work evenings/weekends as required and ability to be on-call 24x7 to serve as the escalation point for your team.
Education And/Or Experience:
- Security and Technical Certifications (preferred): Security+, CEH, CCNP Security, CISSP, OSCP.
- Associate’s Degree or Bachelor’s Degree (preferred) and/or 3-7 years of job-related experience.
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required:
- Knowledge of and ability to implement technical aspects of PCI DSS 3.2, HIPAA, and other compliance standards.
- Knowledge of and ability to administer both Windows and Linux Server environments.
- Knowledge of and ability to administer network and host-based security tools to include but not limited to firewall, IDS/IPS, SIEM, Antivirus/Antimalware, and Automation technologies.
- Knowledge of and ability to identify web attack vectors, e.g., SQL injection, XSS, CSRF, session-hijacking.
- Knowledge of and ability to administer scripting languages: Perl, PHP, Python, Bash, Ruby.
While performing the duties of this Job, the employee is regularly required to sit and use hands. The employee may be required to assist with tasks in the data center and perform moderate lifting up to 100 lbs.
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. The noise level in the work environment is usually low to moderate. The work environment may be in either an office setting, at the company’s data center, or at a third-party location for training.
Job Code: 799