Senior Cloud Security Engineer(remote)

$104,800 - $144,300/Yr

Humana - Springfield, IL

posted 13 days ago

Full-time - Senior
Remote - Springfield, IL
Insurance Carriers and Related Activities

About the position

The Senior Cloud Security Engineer at Humana is responsible for ensuring that cybersecurity policies are effectively engineered and deployed within cloud environments to meet compliance requirements. This role involves automating cloud security controls to mitigate threats and vulnerabilities, influencing departmental strategy, and making decisions on complex technical issues. The engineer will work independently, exercising considerable latitude in determining objectives and approaches to assignments, while focusing on securing multi-cloud environments using Infrastructure as Code (IaC) with Terraform and Prisma Cloud tools.

Responsibilities

  • Deploy and provide operational support for hierarchical NGFW policies in GCP using security tags, and automate configurations using Terraform and DevOps principles.
  • Manage and troubleshoot Azure Network Security Groups (NSGs) at scale, using Terraform to automate deployment, updates, and scaling of security rules across multiple environments.
  • Ensure all infrastructure changes are deployed through CI/CD pipelines using Terraform modules, following best practices for DevSecOps.
  • Develop and implement security policies, standards, and procedures for cloud-based applications and infrastructure employing Prisma Cloud's comprehensive security solutions.
  • Integrate robust code security measures and scanning capabilities into CI/CD pipelines and other cloud workflows using IaC.
  • Implement and manage enterprise security policies using Prisma CSPM's advanced capabilities, including preventive guardrails and automated remediations.
  • Leverage IaC and CI/CD to seamlessly deploy, patch, and upgrade Prisma Cloud and cloud-based security systems.
  • Configure vulnerability items, misconfigurations, and other alerts in Prisma Cloud, assisting stakeholders with timely remediation efforts.
  • Assist the SOC and Cyber Defense & Response Team during security incidents, involving timely configuration changes to Prisma and participation on major incident bridges.
  • Manage user access in Prisma portal based on least privilege roles, and provide operations training and support as needed.
  • Participate in a 24/7 on-call rotation to ensure rapid incident response.

Requirements

  • Bachelor's Degree in Computer Science, Information Technology, Cybersecurity or related field.
  • 7+ years of experience supporting and implementing multi-cloud security solutions with a focus on GCP and Azure.
  • 3+ years of direct, hands-on experience with GCP network access control and Azure NSGs, leveraging IaC automation (Terraform).
  • Proficiency in deploying and managing NGFW policies using security tags and hierarchical firewall rules within GCP.
  • Strong ability to manage and troubleshoot Azure NSGs, leveraging Terraform for automation and scaling.
  • Experience implementing security policies via IaC using Terraform and managing deployments through Azure DevOps (ADO) and GitHub Actions.
  • Expertise in DevSecOps and shift-left principles, ensuring security risks and misconfigurations are addressed early in the development process.
  • Ability to work in a 24×7 on-call rotation, triage incidents, and participate in incident bridges with senior leadership teams.
  • Proven experience in incident response and security operations, including assisting the SOC during critical events.

Nice-to-haves

  • Certification in Prisma Certified Cloud Security Engineer (PCCSE) and/or Palo Alto Networks Systems Engineer - Prisma Cloud Associate desired.
  • Additional certifications such as CISSP, CCSP, Security+, or relevant tracks for Azure and GCP.
  • Advanced experience with Terraform and managing large-scale IaC automation through CI/CD pipelines.
  • Experience implementing and managing Policy as Code (PaC) in cloud environments, including Azure Policy, GCP Organizational Policy, or HashiCorp Sentinel.
  • Familiarity with Agile methodology, including Scrum and Kanban frameworks.
  • Proficiency with scripting languages such as PowerShell, Python, YAML, and Bash.
  • Experience troubleshooting Linux environments using tools like cURL, tcpdump, netstat.

Benefits

  • Medical, dental and vision benefits
  • 401(k) retirement savings plan
  • Paid time off
  • Company and personal holidays
  • Volunteer time off
  • Paid parental and caregiver leave
  • Short-term and long-term disability
  • Life insurance

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service