This position requires the person to have strong technical skills in various computer operating systems, scripting languages, cloud security and cloud provider ecosystems such as Google Cloud, Azure and Amazon AWS. Excellent oral and written communication skills are essential in addition to strong problem-solving skills. This position also requires the person to be quickly adaptable to the changing threat landscape of cyber security and can respond to after-hour emergencies when the need arises.
Job responsibilities can include creating security controls for cloud-based programs, performing threat simulations to detect possible risks, and providing security recommendations on cloud based security topics. This position may instruct other teams on proper coding methods and also investigate, create, and recommend innovative technologies or other methods that will enhance the security of cloud-based environments.
Six plus (6+) years working in an Information Security domain. Three (3) years as a Cloud Security Engineer working with Amazon AWS or Google Cloud, or Azure. This experience must show evaluation and deployment of security practices for a cloud service as well as monitoring and auditing of implemented security controls.
- Knowledge of web application security, browser security models, and application security vulnerabilities such as the OWASP Top Ten
- Security testing methodologies, tools and techniques - understanding of common cloud and application security vulnerabilities and controls to remediate these weaknesses
- Deep understanding of network attacks, DDoS, Phishing, email protocols/security/spam, encryption, authentication, logging and log analysis, IP and device reputation, and security rules and policies
- Can demonstrate active participation on a Computer Security Incident Response Team (CSIRT).
- Master’s Degree (Information Security/Computer Science/Electronics and Engineering/Information Technology), or equivalent work experience
- Professional Security Certifications: CISSP, CCSP, CISA, CISM, ITIL
- Strong knowledge of industry standards as they relate to Cloud and Application security management to include ISO, NIST, and Cloud Security Alliance (CSA)
- Exposure to agile development, DevOps, SecOps and scrum teams
- Hands-on-experience with cloud security designs on AWS, GCP or Azure