Cloud Security and Access Control Engineer

Navy Federal Credit Union - Pensacola, FL

posted about 2 months ago

Full-time - Mid Level
Pensacola, FL
Credit Intermediation and Related Activities

About the position

The Cloud Security and Access Control Engineer at Navy Federal Credit Union is a key role focused on enhancing the security of cloud environments, particularly within Microsoft Azure. The successful candidate will leverage their expertise in cloud technologies and enterprise security to develop tools and processes that support Navy's Cloud program, ensuring the protection of sensitive information and compliance with security standards.

Responsibilities

  • Contribute to the vision, strategy, and execution for integrated security controls across SaaS, PaaS, and IaaS for Navy's Azure environment.
  • Demonstrate understanding of current risks and threats to Cloud infrastructure to both technical and managerial audiences.
  • Drive Identity and Access Management (IAM), configuration management, and monitoring strategy for Azure.
  • Provide security consultancy and engineering support for cloud security solutions, including analysis and development of Azure security solutions.
  • Ensure architecture assurance on Cloud security initiatives and compliance with existing security standards.
  • Maintain security infrastructure tools built on the Cloud platform, ensuring stability and adherence to policies and procedures.
  • Support the development and delivery of a comprehensive Information Security Program (ISP) for the organization.
  • Develop and maintain documentation of all security products, tools, technologies, and processes.
  • Participate in Information Security Incident Response activities for the NFCU's environment.
  • Respond to security vulnerabilities identified through audits and vulnerability assessments of Cloud services.
  • Monitor compliance with the organization's information security policies among employees, contractors, and third parties.
  • Manage remediation efforts for gaps reported in audits or recommended process improvements.
  • Monitor new and emerging cloud security technologies and assess their applicability to Navy Federal's cloud strategy.

Requirements

  • BS Degree in Computer Science, Information Technology, or a similar field.
  • Hands-on experience with Access control technologies such as Azure AD B2C, SAML SSO, and oAuth 2.0 configuration.
  • Experience with certificate management for IaaS and PaaS elements.
  • Experience with Azure AD, Azure Resource Management Templates, and Azure policies.
  • Experience with Azure Key Vault integration and key management.
  • Experience with VSTS release management for Azure Key Vault and other IaaS and PaaS elements.
  • Hands-on development and scripting skills in PowerShell 5.
  • 7+ years' experience in a technical role, with a minimum of 3 years focused on information security and access control.
  • Experience with Microsoft Defender for Cloud and Microsoft Defender for Cloud Apps.
  • Experience with Azure DevOps permission management and overall governance.
  • Experience with Azure conditional Access and Privileged Identity Management (PIM).
  • Experience with Azure Identity Governance.
  • Understanding of encryption options in Azure such as CMK with DES and TDE.
  • Working knowledge of App registration management and enterprise Applications.
  • Strong knowledge of information security and access controls.
  • Industry certification (CISSP, CISA, CISM, CEH) is of high interest.
  • Financial industry experience preferred.
  • Experience with Sentinel and Azure Purview.

Nice-to-haves

  • Experience in a financial institution.
  • Familiarity with additional cloud security tools and technologies.

Benefits

  • Highly competitive pay
  • Generous benefits and perks
  • Recognition as one of the best companies to work for in various categories
  • Hybrid workplace options

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service