Motorola Solutions
posted 6 months ago
About the position
CPE Security is seeking a strong Cloud Security Engineer to help us develop, deploy and manage cybersecurity components that protect our SaaS Infrastructure running in AWS, Azure, and GCP. This position is part of our Cloud Platform Engineering (CPE) organization, which operates and manages MSI's Public Safety Application SaaS platform. You will be part of a team that is responsible for the security of these mission-critical systems that are used every day by public safety and government agencies across multiple countries. In this role, you will also be working in a world-class team that uses state-of-the-art technologies and techniques. Your efforts will help to shape engineering culture and standards across our software product organization. As a member of the team, you will be responsible for building and deploying security components such as Web Application Firewall, Antivirus, Cloud Workload Protection, Case Management, and SOAR tools. You will maintain these security components across a number of cloud environments and will be involved in the maintenance and some design of platform operational security configuration, including WAF rules, IDS/IPS settings, NSG settings, and security controls over the entirety of the infrastructure. Staying abreast of technology evolution and providing recommendations to enhance security posture will be a key part of your responsibilities. You will evaluate, test, and recommend new cloud security tools (WAF, IPS/IDS, CWP, SOAR) and develop tools for automated self-verification of security functions. Additionally, you will implement automated tools to support automated inventory, identification of configuration changes, security alerting, CVE tracking, and associated dashboards. Supporting compliance assessments to various industry best practices and standards such as FedRAMP, CJIS, NIST, OWASP, GDPR, ISO, SOC 2, etc., will also be part of your role. Collaboration on SIEM detection rules and with the Threat Management team during critical incidents to aid in remediation will be essential.
Responsibilities
- Member of the team responsible for building and deploying security components such as Web Application Firewall, Antivirus, Cloud Workload Protection, Case Management, and SOAR tools.
- Maintaining security components across a number of cloud environments.
- Maintenance and some design of platform operational security configuration, including WAF rules, IDS/IPS settings, NSG settings, and security controls over the entirety of the infrastructure.
- Stay abreast of technology evolution and provide recommendations to enhance security posture.
- Evaluate, test and recommend new cloud security tools (WAF, IPS/IDS, CWP, SOAR).
- Develop tools for automated self-verification of security functions.
- Implement automated tools to support automated inventory, identification of configuration changes, security alerting, CVE tracking, and associated dashboards.
- Support compliance assessments to various industry best practices and standards such as FedRAMP, CJIS, NIST, OWASP, GDPR, ISO, SOC 2, etc.
- Collaborate on SIEM Detection rules.
- Collaborate with the Threat Management team during critical incidents to aid in remediation.
Requirements
- Citizen of the United States (US) and residing on US soil.
- Five+ years of experience in software development & deployment in virtualized environments, security engineering, DevSecOps, and Linux system administration experience.
- Good interpersonal skills and ability to collaborate with a variety of work partners.
- Experience building and deploying cloud applications and tools.
- Strong Linux system administration skills.
- Strong familiarity with cloud technologies, primarily GCP, Azure, and AWS.
- Strong scripting experience with Shell Scripts, Powershell and Python.
- Strong familiarity with the functions of WAF and IDS/IPS components.
- Hands-on experience with using Elasticsearch is required.
- Familiarity with Kubernetes is required.
- Must be familiar with cloud security best practices.
- Experience with Azure Security controls.
- Must be familiar with docker and tools used to secure docker deployments such as Prisma Cloud/Twistlock, Aqua, StackRox or NuVector.
- Familiarity with CIS benchmarks including the Docker, Linux, and Kubernetes benchmarks would be a plus.
- Bachelor's or Master's degree in Engineering is preferred.
Nice-to-haves
- Familiarity with CIS benchmarks including the Docker, Linux, and Kubernetes benchmarks would be a plus.
Benefits
- Incentive Bonus Plans
- Medical, Dental, Vision benefits
- 401K with Company Match
- 9 Paid Holidays
- Generous Paid Time Off Packages
- Employee Stock Purchase Plan
- Paid Parental & Family Leave
- and more!
