Cloud Security Engineer

Brmi

posted 4 months ago

Full-time - Mid Level
Remote
Professional, Scientific, and Technical Services

About the position

BRMi is seeking a Cloud Security Engineer who will serve as a subject matter expert with hands-on experience in cloud technologies, tools, and methodologies, particularly focusing on Microsoft Azure. This role is designed for an experienced Cloud Engineer with a solid understanding of enterprise security, and it will emphasize the development of tool sets and processes to support our Cloud program. The Cloud Organization at BRMi promotes a collaborative environment and is dedicated to building a best-in-class Cloud program that safeguards information and cloud computing environments. The successful candidate will contribute to the vision and strategy for integrated security controls across various cloud service models, including Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), and Infrastructure-as-a-Service (IaaS) within the Navy's Azure environment. The role requires a clear understanding of current risks and threats to cloud infrastructure, enabling effective communication with both technical and managerial audiences. The Cloud Security Engineer will drive initiatives related to Identity and Access Management (IAM), configuration management, and monitoring strategies for Azure. In addition to providing security consultancy and engineering support for cloud security solutions, the engineer will be responsible for architecture assurance on cloud security initiatives, ensuring compliance with existing security standards while interfacing with infrastructure and development teams. The role also involves maintaining security infrastructure tools built on the Cloud platform, ensuring stability, and developing policies and procedures. The engineer will support the development and delivery of a comprehensive Information Security Program (ISP) for the organization, documenting all security products, tools, technologies, and processes. Participation in Information Security Incident Response activities is also a key responsibility, along with responding to security vulnerabilities identified through audits and assessments of cloud services. The engineer will manage remediation efforts for any gaps reported in audits and actively monitor new and emerging cloud security technologies, trends, and solutions to assess their applicability to the cloud strategy.

Responsibilities

  • Contribute to the vision, strategy, and execution for integrated security controls across SaaS, PaaS, and IaaS for Navy's Azure environment.
  • Demonstrate a clear understanding of current risks and threats to Cloud infrastructure and IT infrastructures to technical and managerial audiences.
  • Drive Identity and Access Management (IAM), configuration management, and monitoring strategy for Azure.
  • Provide security consultancy and engineering support for cloud security solutions, including analysis and development of Azure and other security solutions.
  • Provide architecture assurance on Cloud security initiatives and compliance with existing security standards, interfacing with infrastructure and development teams.
  • Maintain the security infrastructure tools built on the Cloud platform, ensuring stability and adherence to policies and procedures.
  • Support the development and delivery of a comprehensive ISP for the entire organization.
  • Develop and maintain documentation of all Security products, including specific tools, technologies, and processes.
  • Participate in Information Security Incident Response activities for the NFCU's environment.
  • Respond to security vulnerabilities identified through periodic and on-demand system audits and vulnerability assessments of Cloud services.
  • Manage remediation efforts for any gaps reported in audits or recommended process improvements.
  • Actively monitor new and emerging cloud security technologies, trends, issues, and solutions and assess their applicability to cloud strategy.
  • Perform other duties as assigned.

Requirements

  • Hands-on experience with Access control technologies such as Azure AD B2C; SAML SSO, oAuth 2.0 configuration, set-up and operations management.
  • Experience with certificate management for IaaS and PaaS elements.
  • Experience with Azure AD, Azure Resource Management Templates, and Azure policies.
  • Experience with Azure Key Vault integration and key management.
  • Experience with VSTS release management for Azure Key Vault and other IaaS and PaaS elements.
  • Hands-on development and scripting skills in PowerShell 5.
  • 7+ years' experience working in a technical role with a minimum of 3 years' experience focused on information security and access control.
  • Strong knowledge of information security and access controls.
  • Industry certification (CISSP, CISA, CISM, CEH) of high interest.
  • Financial industry experience preferred.

Nice-to-haves

  • Experience with CheckPoint Next Generation Firewall and Threat Prevention Suite.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service