Our client is seeking a Cloud Security Engineer for a direct hire opportunity located in grapevine, TX.
Job Title: Engineer, Cloud Security
PRINCIPAL ACTIVITIES: This position does the following in accordance with all applicable Federal, State and local laws / regulations and the Company’s policies, procedures and guidelines:
The Cloud Security Engineer will be tasked with the following responsibilities/duties, all in accordance with applicable Federal, State and local laws / regulations as well as ratified company policies, procedures, and guidelines:
- Serve as an Information Security Subject Matter Expert (SME) by maintaining knowledge of industry-recognized security technologies and concepts.
- Provide security oversight and experience with a strong understanding of hybrid public/private cloud services, Infrastructure as Code, DevSecOps toolsets, and platforms including compute, storage, networking, containers, monitoring/logging, and Continuous Integration/Continuous Deployment (CI/CD).
- Work closely with various IT teams to provide guidance on security weaknesses in the KNA environment and refine & enhance the security strategy for cloud architecture.
- Work with other teams to define and build the processes necessary to protect KNA infrastructure from common threat vectors, OWASP vulnerabilities, and security & compliance misconfigurations.
- Actively engage and foster relationships with security champions on business and IT teams to understand their needs and evangelize a shift-left DevSecOps culture.
- Assist with planning and managing project efforts to define, implement, upgrade, enhance, and maintain security systems.
- Assist in designing, planning, and implementing security tools, controls, policies, and processes.
- Provide security consultation and guidance on new security products, features, and technology decisions.
- Research and investigate cyber threats and security incidents in the KNA environment.
- Active participation in ensuring KNA meets industry standard security & privacy compliance standards.
- Help develop cloud security technical roadmaps to drive constant cyber transformation and improvements in KNA’s defensive posture
- Work closely with enterprise architects to identify and mitigate risks, perform security reviews, design top tier security practices, and deliver strategic, innovative cloud-based security offerings
- Troubleshooting and resolving complex security issues in Microsoft Azure, applying fundamental systems security understanding, skills, expertise, and experience to support the planning, design, development, and implementation of complex systems
- Ensuring that relevant threat and vulnerability data is considered in support of security-relevant decisions.
- Providing input to analyses of alternatives and to requirements, engineering, and risk trade-off analyses to achieve a cost-effective security architectural design for protections that enable mission/business success.
- Assist with the design, implementation, and continuous improvement of the KNA Cloud Platform and security program by developing capabilities and providing experienced guidance pertaining to development of secure, cloud-based, multi-tenant application and data services.
- Partner with product and architecture teams to educate, evangelize, and validate secure development practices.
- Build knowledge across the team in how to better secure, monitor, and respond to cybersecurity threats and incidents across KNA environment.
- Collaborate with the cloud platform team to establish the strategic cloud security and capabilities for the entire lifecycle of application and data services.
- Work closely with architects and engineers to identify and mitigate risks, perform security reviews, design top tier security practices, and help ensure delivery of secure technology products.
- Support a "security first" advocacy and encourage platform solutions that enable technology product teams to "shift left" with vulnerability identification and resolution.
- Propose, design, plan and execute strategic and tactical operational security objectives.
- Analyze threats and current security controls to identify gaps in current defensive posture.
- Review security test results from vulnerability scans, penetration testing for true positives and propose appropriate remediation measures or mitigation controls.
- Advise on secure architecture/design, attack surface area reduction, least privileged design, threat mitigations, and security standard methodologies.
- Maintain current knowledge of security threats and vulnerabilities that could impact products and their technology stack components and help product teams identify solutions that meet security requirements.
- Evaluate and operationalize security tools by integrating with the development environment and commit/build pipelines.
EDUCATION, CERTIFICATIONS, AND TRAINING:
MS or BS degree in information security, computer science, or computer engineering
SKILLS AND BACKGROUND:
- Minimum 7 years of relevant business experience in Manufacturing and Finance.
- Understanding of security architecture to promote and develop new designs and security strategies across all types of infrastructure including cloud, on-prem & cloud-based applications.
- Very good understanding of cloud security principals.
- Good understanding of various cloud services such as Azure, AWS, Salesforce, ERP platforms etc.
- Good understanding of industry standard security tools.
- Technology product security architecture and engineering experience. Understanding of security vulnerabilities and attacks and the ability to mitigate them
- Familiarity of regulatory requirements (i.e., PCI, HIPAA, GLBA, SOX) and security frameworks (e.g.,NIST 800-53, OWASP, CSA cloud control matrix, MITRE etc.)
- Familiarity with Threat Intelligence and Security Operations processes and procedures.
- Knowledge of application security concepts, static/dynamic security analysis, software composition analysis, secrets management, WAF, RASP and related tools.
- Experience with vulnerability management, endpoint security, data protection technologies, SIEM deployments, security analysis and anomaly detections.
- Ability to continuously learn new technologies
- Excellent verbal and written communications skills
Must be able to read, write and communicate in English.
EQUIPMENT OPERATION (% of time, description, nature of service):
Office equipment including computer, copier, fax, phone, printer
Typical office environment.