Cloud Security Engineer

About the position

An experienced and motivated Cloud Security Engineer to help TNS develop and mature the security of our growing cloud footprint. The ideal candidate will have experience on multiple cloud environments including unified monitoring via cloud application security broker (CASB) and SIEM on behalf of a cybersecurity program. Serving as a Subject Matter Expert in the configuration and operation of the security consoles and controls within the environment. Providing analysis of outputs and recommendations for improving overall security posture. Finally, developing technical documentation supporting the architecture discussions and leadership decision.

Responsibilities

• Driving development and adoption of cloud security standards, best practices, and technologies within Enterprise IT infrastructure at TNS.
• Liaising and communicating security-related issues with internal business stakeholders.
• Developing, enhancing, and documenting security architecture, security policies, patterns, procedures, guidelines, and standards requiring cloud-based solutions.
• Implementing security controls to comply with industry best practices and various regulatory controls - PCI.
• Working with other teams to maintain security compliance for PCI or other security standards.
• Providing security recommendations and expertise on new services or for migrating applications.
• Conducting initial triage assessments of audit findings from audit or testing.
• Reviewing products and making recommendations to improve the security posture.
• Engaging with other internal and external groups to get and share information to improve processes and security posture.
• Proactively improving the security posture of cloud-based environments with Cloud Service Provider(CSP) services, Compliance as Code and automation.
• Reviewing reports from third-party penetration test results and document alignment to cloud provider guidelines and tools.
• Define, document, and share cloud provider incident response methodology that guides detection and response to cloud-based security incidents including defining first responder steps and incident manager role.
• Experience reviewing system and application logs (e.g., web or mail server logs), either to investigate security issues or complex operational issues.
• Verify cloud logging capabilities to establish accountability for events that occur in the cloud environment.
• Experience deploying physical, virtual and cloud hosted enterprise applications on MS Windows and/or Linux OS.

Requirements

• Confident, articulate, and professional speaking and writing abilities in English and Portuguese.
• An understanding of how cloud components work and integrate with each other for a given platform.
• Implementation and use of Vulnerability Management and Dynamic Application Security Testing (DAST) Tools (Qualys, Tenable).
• Assessment Tools for Cloud Security (Pacu, Aqua security Cloudsploit and other tools).
• Understanding controls supporting Zero Trust methodology and how to implement.
• Understanding of cryptography and encryption in the cloud.
• Knowledge of Center for Internet Security (CIS) Controls for Cloud Critical Security.
• Knowledge of industry best practices for security especially in the field of anything cloud, software as a service, and infrastructure as a service.

Nice-to-haves

• Bachelor's Degree or higher in Computer Science, in an information technology discipline or a related technical discipline; or the equivalent combination of education, professional training or IT work experience.
• Certificate of Cloud Security Knowledge (CCSK), CompTIA Cloud+, Certified Cloud Security Professional (CCSP), Azure Security Engineer Associate and/or AWS Certified Security.

Benefits

• Medical and dental coverage
• Life insurance
• Paid holidays and vacations
• 401K plan with company match