Cloud Security Engineer

$90,000 - $120,000/Yr

OneStream Software - Birmingham, MI

posted 2 months ago

Full-time
Birmingham, MI
Publishing Industries

About the position

The Cloud Security Engineer at OneStream Software is a critical role within the Information Security team, focusing on enhancing the company's Cloud Security strategy, particularly in Microsoft Azure and 365 environments. The position involves developing and improving security measures, managing threat detection systems, and ensuring the security of cloud infrastructure and services to protect both company and customer information.

Responsibilities

  • Design, configure, and continuously improve security across the Azure and Microsoft 365 landscape.
  • Configure and manage Microsoft Defender for Cloud protections.
  • Develop Azure Log Analytics Kusto Query Language (KQL) queries for monitoring and alerting.
  • Enhance MS Sentinel SIEM to facilitate threat hunting and detection of suspicious and anomalous behavior.
  • Implement and maintain system & application hardening, such as CIS Benchmarks and DISA STIG.
  • Regularly audit environments to validate secure configuration of resources, services and applications.
  • Work with other members of the Security team to review vulnerability scans and identify remediations.
  • Collaborate with Internal and Cloud teams to ensure secure configuration of infrastructure and services.
  • Support Risk/Compliance team with audit needs and validating adherence to control frameworks.
  • Create and update technical documentation, policies and procedures.

Requirements

  • BS/BA in Computer Science, Engineering, or technology-related field (or equivalent work experience).
  • 3+ years of experience securing cloud-based infrastructure, services and technologies.
  • Solid understanding of Cloud Security concepts including secure design & configuration, principle of least-privilege, data protection and detection & response to threats & indicators of compromise (IoC).
  • Hands-on experience developing and utilizing a Security Information & Event Management (SIEM) tool, such as MS Sentinel.
  • Working knowledge of Azure Log Analytics and Kusto Query Language (KQL).
  • Experience applying hardening standards such as CIS Benchmarks or DISA STIG.
  • Experience with vulnerability scanning and remediation.
  • Strong understanding of Windows and Linux Operating Systems.
  • Familiarity with PowerShell, Bash, and REST APIs.
  • Familiarity with incident and change management.

Nice-to-haves

  • Experience working for a Cloud Service Provider (CSP), Managed Service Provider (MSP) or SaaS Provider.
  • 3+ years of experience working extensively in Microsoft Azure, Amazon Web Services (AWS) or Google Cloud Platform (GCP).
  • Understanding of compliance frameworks and security controls (NIST, FedRAMP, SOC, ISO, PCI-DSS, HIPAA).
  • Working knowledge of network security, TCP/IP, TLS, and firewall configuration.
  • Understanding of identity management systems and protocols (Entra ID, Okta, OIDC, SAML, OAuth).
  • Familiarity with Bicep, Terraform, Ansible, Azure DevOps, Git.
  • Understanding of Agile, Scrum, DevSecOps concepts.
  • Understanding of Azure Kubernetes Services (AKS) and container security.
  • Any certifications such as Microsoft Certified: Azure Security Engineer Associate (AZ-500), Azure Administrator Associate (AZ-104), Security Operations Analyst Associate (SC-200), CompTIA Security+.

Benefits

  • Excellent Medical Plan
  • Dental & Vision Insurance
  • Life Insurance
  • Short & Long Term Disability
  • Vacation Time
  • Paid Holidays
  • Professional Development
  • Retirement Plan