Back to Job Search

Engineer, Cloud Security

  • Location: Grapevine, Texas, 76051
  • Job Type:Permanent

Posted 13 days ago

Our client is seeking a Cloud Security Engineer for a direct hire opportunity located in grapevine, TX.

Job Title: Engineer, Cloud Security

PRINCIPAL ACTIVITIES: This position does the following in accordance with all applicable Federal, State and local laws / regulations and the Company’s policies, procedures and guidelines:

The Cloud Security Engineer will be tasked with the following responsibilities/duties, all in accordance with applicable Federal, State and local laws / regulations as well as ratified company policies, procedures, and guidelines:

  • Serve as an Information Security Subject Matter Expert (SME) by maintaining knowledge of industry-recognized security technologies and concepts.
  • Provide security oversight and experience with a strong understanding of hybrid public/private cloud services, Infrastructure as Code, DevSecOps toolsets, and platforms including compute, storage, networking, containers, monitoring/logging, and Continuous Integration/Continuous Deployment (CI/CD).
  • Work closely with various IT teams to provide guidance on security weaknesses in the KNA environment and refine & enhance the security strategy for cloud architecture.
  • Work with other teams to define and build the processes necessary to protect KNA infrastructure from common threat vectors, OWASP vulnerabilities, and security & compliance misconfigurations.
  • Actively engage and foster relationships with security champions on business and IT teams to understand their needs and evangelize a shift-left DevSecOps culture.
  • Assist with planning and managing project efforts to define, implement, upgrade, enhance, and maintain security systems.
  • Assist in designing, planning, and implementing security tools, controls, policies, and processes.
  • Provide security consultation and guidance on new security products, features, and technology decisions.
  • Research and investigate cyber threats and security incidents in the KNA environment.
  • Active participation in ensuring KNA meets industry standard security & privacy compliance standards.
  • Help develop cloud security technical roadmaps to drive constant cyber transformation and improvements in KNA’s defensive posture
  • Work closely with enterprise architects to identify and mitigate risks, perform security reviews, design top tier security practices, and deliver strategic, innovative cloud-based security offerings
  • Troubleshooting and resolving complex security issues in Microsoft Azure, applying fundamental systems security understanding, skills, expertise, and experience to support the planning, design, development, and implementation of complex systems
  • Ensuring that relevant threat and vulnerability data is considered in support of security-relevant decisions.
  • Providing input to analyses of alternatives and to requirements, engineering, and risk trade-off analyses to achieve a cost-effective security architectural design for protections that enable mission/business success.
  • Assist with the design, implementation, and continuous improvement of the KNA Cloud Platform and security program by developing capabilities and providing experienced guidance pertaining to development of secure, cloud-based, multi-tenant application and data services.
  • Partner with product and architecture teams to educate, evangelize, and validate secure development practices.
  • Build knowledge across the team in how to better secure, monitor, and respond to cybersecurity threats and incidents across KNA environment.
  • Collaborate with the cloud platform team to establish the strategic cloud security and capabilities for the entire lifecycle of application and data services.
  • Work closely with architects and engineers to identify and mitigate risks, perform security reviews, design top tier security practices, and help ensure delivery of secure technology products.
  • Support a "security first" advocacy and encourage platform solutions that enable technology product teams to "shift left" with vulnerability identification and resolution.
  • Propose, design, plan and execute strategic and tactical operational security objectives.
  • Analyze threats and current security controls to identify gaps in current defensive posture.
  • Review security test results from vulnerability scans, penetration testing for true positives and propose appropriate remediation measures or mitigation controls.
  • Advise on secure architecture/design, attack surface area reduction, least privileged design, threat mitigations, and security standard methodologies.
  • Maintain current knowledge of security threats and vulnerabilities that could impact products and their technology stack components and help product teams identify solutions that meet security requirements.
  • Evaluate and operationalize security tools by integrating with the development environment and commit/build pipelines.

SPECIAL PROJECTS

As assigned.

MINIMUM QUALIFICATIONS

EDUCATION, CERTIFICATIONS, AND TRAINING:

MS or BS degree in information security, computer science, or computer engineering

SKILLS AND BACKGROUND:

  • Minimum 7 years of relevant business experience in Manufacturing and Finance.
  • Understanding of security architecture to promote and develop new designs and security strategies across all types of infrastructure including cloud, on-prem & cloud-based applications.
  • Very good understanding of cloud security principals.
  • Good understanding of various cloud services such as Azure, AWS, Salesforce, ERP platforms etc.
  • Good understanding of industry standard security tools.
  • Technology product security architecture and engineering experience. Understanding of security vulnerabilities and attacks and the ability to mitigate them
  • Familiarity of regulatory requirements (i.e., PCI, HIPAA, GLBA, SOX) and security frameworks (e.g.,NIST 800-53, OWASP, CSA cloud control matrix, MITRE etc.)
  • Familiarity with Threat Intelligence and Security Operations processes and procedures.
  • Knowledge of application security concepts, static/dynamic security analysis, software composition analysis, secrets management, WAF, RASP and related tools.
  • Experience with vulnerability management, endpoint security, data protection technologies, SIEM deployments, security analysis and anomaly detections.
  • Ability to continuously learn new technologies
  • Excellent verbal and written communications skills

LANGUAGE REQUIREMENTS:

Must be able to read, write and communicate in English.

EQUIPMENT OPERATION (% of time, description, nature of service):

Office equipment including computer, copier, fax, phone, printer

PHYSICAL REQUIREMENTS:

Typical office environment.