Bloomberg Industry Group - Arlington, VA
posted 2 months ago
Full-time - Mid Level
Arlington, VA
About the position
The Cloud Infrastructure Security Assistant Manager will work within a team of Information Security specialists responsible for the security program of Bloomberg INDG's on-prem and cloud infrastructure. The role focuses on collaborating with engineers to design secure solutions, emphasizing areas such as identity access management, infrastructure-as-code, cloud services, Kubernetes solutions, and vulnerability management.
Responsibilities
- Architect and implement security solutions across multiple cloud environments (AWS, Azure)
- Monitor the cloud security posture, suggest improvements, and help guide the cloud infrastructure security program's future
- Partner with platform engineering and development teams to adopt security standards across a range of areas, including Container Security, Infrastructure as Code, Identity and Access Management, Resource Policies, Virtual Host Security, and Data Protection
- Provide security guidance to development teams supporting client solutions
- Responsible for coordinating security enhancements and deployment efforts for implementing client solutions
- Assist with the implementation and management of cloud and on-premise security tools
Requirements
- Strong AWS Cloud knowledge (IAM, VPC, Security Groups, S3, KMS, etc)
- Demonstrated experience with evaluating identity-based policies, resource-based policies, access control lists (ACLs), permissions boundaries, and Service control policies
- Hands-on experience with DevSecOps with a focus on container and orchestration security
- Experience with Cloud Native Application Architectures and their associated security risks
- Experience with integration and management of holistic cloud security monitoring solutions
- Hands-on experience implementing secure configurations for AWS-managed services
- Ability to architect solutions across cloud services to auto-remediate risks
- Bachelor's degree in information security or equivalent experience
- One or more security certifications, such as AWS Certified Security Specialty or able to obtain one within 6 months of hire
- 3 years of experience in one or more of the following areas: DevSecOps, Cloud Security, Vulnerability Management, Platform and Infrastructure engineering, Product Security
