Cloud Security and Access Control Engineer

Navy Federal Credit Union - Winchester, VA

posted about 1 month ago

Full-time - Mid Level
Winchester, VA
Credit Intermediation and Related Activities

About the position

The Cloud Security and Access Control Engineer at Navy Federal Credit Union is a subject matter expert role focused on enhancing the security of cloud technologies, particularly within the Microsoft Azure environment. The position involves developing tools and processes to support Navy's Cloud program, ensuring the protection of sensitive information and compliance with security standards. The role requires collaboration with various teams to implement integrated security controls across different cloud service models.

Responsibilities

  • Contribute to the vision, strategy, and execution for integrated security controls across SaaS, PaaS, and IaaS for Navy's Azure environment.
  • Demonstrate understanding of current risks and threats to Cloud infrastructure to both technical and managerial audiences.
  • Drive Identity and Access Management (IAM), configuration management, and monitoring strategy for Azure.
  • Provide security consultancy and engineering support for cloud security solutions, including analysis and development of Azure security solutions.
  • Ensure architecture assurance on Cloud security initiatives and compliance with existing security standards.
  • Maintain security infrastructure tools built on the Cloud platform, ensuring stability and adherence to policies and procedures.
  • Support the development and delivery of a comprehensive Information Security Program (ISP) for the organization.
  • Develop and maintain documentation of all security products, tools, technologies, and processes.
  • Participate in Information Security Incident Response activities for the NFCU's environment.
  • Respond to security vulnerabilities identified through audits and assessments of Cloud services.
  • Monitor compliance with the organization's information security policies among employees, contractors, and third parties.
  • Manage remediation efforts for gaps reported in audits or recommended process improvements.
  • Monitor new and emerging cloud security technologies and assess their applicability to Navy Federal's cloud strategy.

Requirements

  • BS Degree in Computer Science, Information Technology, or a similar field.
  • Hands-on experience with Access control technologies such as Azure AD B2C, SAML SSO, and oAuth 2.0 configuration.
  • Experience with certificate management for IaaS and PaaS elements.
  • Experience with Azure AD, Azure Resource Management Templates, and Azure policies.
  • Experience with Azure Key Vault integration and key management.
  • Experience with VSTS release management for Azure Key Vault and other IaaS and PaaS elements.
  • Hands-on development and scripting skills in PowerShell 5.
  • 7+ years' experience in a technical role, with a minimum of 3 years focused on information security and access control.
  • Experience with Microsoft Defender for Cloud and Microsoft Defender for Cloud Apps.
  • Experience with Azure DevOps permission management and overall governance.
  • Experience with Azure conditional Access and Privileged Identity Management (PIM).
  • Experience with Azure Identity Governance.
  • Understanding of encryption options in Azure such as CMK with DES and TDE.
  • Working knowledge of App registration management and enterprise Applications.
  • Strong knowledge of information security and access controls.
  • Industry certification (CISSP, CISA, CISM, CEH) is of high interest.
  • Financial industry experience preferred.
  • Experience with Sentinel and Azure Purview.

Nice-to-haves

  • Experience in the financial industry is preferred.
  • Industry certifications such as CISSP, CISA, CISM, or CEH.

Benefits

  • Highly competitive pay
  • Generous benefits and perks
  • Recognition as one of the best companies to work for in various categories
  • Hybrid workplace options
  • Diversity and inclusion initiatives

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service