Sr. Cloud Security Engineer

Aspect Software   •  

Orlando, FL

Industry: Enterprise Technology

  •  

5 - 7 years

Posted 43 days ago

This job is no longer available.


Job Description

GENERAL SCOPE & SUMMARY

The Sr. Cloud Security Engineer is responsible for managing various projects that include evidence gathering for PCI/SSOC/ISO audits, incident response, identifying and remediating vulnerabilities, and operationalizing security within cloud operations.

PRIMARY ROLE & RESPONSIBILITIES

  • Provide technical leadership for the Cloud Security Engineering team.
  • Respond to alerts from the Security Information and Event Management (SIEM), Antivirus (AV), and File Integrity Monitoring (FIM) systems.
  • Plan and oversee security projects and initiatives.
  • Automate evidence gathering for PCI and SOC audits.
  • Automate delivery of security services.
  • Develop and maintain Center for Internet Security (CIS) hardening standards.
  • Create, implement, and adhere to policies, procedures, and security practices. Ensure others follow proper escalation procedures.
  • Implement and maintain the Vulnerability Management program.
  • Interact with auditors to determine scope of audits, evidence necessary, remediation, and mitigation.
  • Collaborate with the Cloud Operations and R&D teams to create a Plan of Action and Milestones (PoAM) for findings requiring multiple team to correct.
  • Report common and repeat problems (trend analysis) to management and propose process and technical improvements.
  • Perform system maintenance for security appliances and applications and maintain current documentation.
  • Implement security mechanisms into the Continuous Delivery (CD) pipeline.
  • Maintain security compliance for Kubernetes clusters.

Qualifications

Requirements

  • Minimum of 5-years Information Security experience required.
  • Knowledge of AWS is required.
  • Experience with the following areas: DevSecOps, Security Engineering, Incident Handling, Intrusion Detection.
  • Experience with scripting languages and tools such as Bash, Python, Chef, Puppet, and Ansible.
  • Administration of AWS and securing AWS services.
  • Knowledge of CI/CD (Continuous Integration and Continuous Delivery) technology.
  • Container and Container orchestration tools - Kubernetes, Docker.
  • One or more of the following Certifications preferred: CISSP, CISA, CISM.
  • PCI, SOCII, or ISO experience.
  • Bachelor's degree in related discipline is preferred.

*LI-KG1