Senior Cloud Security Engineer

Unclassified - Atlanta, GA

posted 3 months ago

Full-time - Senior
Atlanta, GA

About the position

The Senior Cloud Security Engineer will be responsible for protecting the company's cloud infrastructure across multiple cloud environments. This role involves designing, implementing, and maintaining security protocols and systems to defend against cyber threats and vulnerabilities. The Senior Cloud Security Engineer will also lead incident response efforts, conduct security assessments, and provide guidance to junior team members. This position requires a deep understanding of cloud security principles and the ability to integrate security best practices into all cloud systems and applications. The engineer will work closely with various teams to ensure that security measures are effectively implemented and maintained across the organization. In addition to developing and implementing robust security architectures for various cloud environments such as AWS, Azure, and Google Cloud, the Senior Cloud Security Engineer will evaluate and recommend security technologies and solutions specific to cloud security to enhance the organization's security posture. The role also includes managing and optimizing security configurations within cloud platforms, including Web Application Firewall (WAF), DDoS protection, secure DNS, and identity management. Monitoring and responding to security events detected by cloud-native tools and third-party security solutions will be a critical part of the job. The engineer will lead incident response efforts, which include detection, containment, eradication, and recovery from security incidents. They will analyze security incidents to identify root causes and recommend improvements to prevent future occurrences. Conducting regular security assessments, vulnerability scans, and penetration tests in cloud environments to identify and remediate security weaknesses is also essential. The engineer will prepare detailed reports of security assessments and present findings to senior management, ensuring that the organization remains compliant with internal policies, industry standards, and regulatory requirements. Furthermore, the Senior Cloud Security Engineer will develop, update, and enforce information security policies, procedures, and standards, ensuring compliance with relevant legal and regulatory requirements such as GDPR, HIPAA, and PCI-DSS. They will also conduct security awareness training for employees to promote a culture of security within the organization. The role requires implementing Zero Trust architecture principles, employing multi-factor authentication (MFA), utilizing encryption for data at rest and in transit, and regularly updating and patching systems and applications to protect against known vulnerabilities. The engineer will also implement and manage security incident and event management (SIEM) systems to centralize and analyze security events. Lastly, the engineer will provide guidance and mentorship to junior security team members, lead security projects and initiatives, and stay up-to-date with the latest developments in cyber security, sharing knowledge with the team.

Responsibilities

  • Develop and implement robust security architectures for various cloud environments (e.g., AWS, Azure, Google Cloud).
  • Ensure security best practices are integrated into all cloud systems and applications.
  • Evaluate and recommend security technologies and solutions specific to cloud security to enhance the organization's security posture.
  • Manage and optimize security configurations within cloud platforms, including Web Application Firewall (WAF), DDoS protection, secure DNS, and identity management.
  • Monitor and respond to security events detected by cloud-native tools and third-party security solutions.
  • Collaborate with the network team to ensure secure and efficient traffic routing and connectivity within cloud environments.
  • Lead incident response efforts, including detection, containment, eradication, and recovery from security incidents.
  • Analyze security incidents to identify root causes and recommend improvements to prevent future occurrences.
  • Conduct regular security assessments, vulnerability scans, and penetration tests in cloud environments to identify and remediate security weaknesses.
  • Perform security audits to ensure compliance with internal policies, industry standards, and regulatory requirements.
  • Prepare detailed reports of security assessments and present findings to senior management.
  • Oversee the operation and maintenance of security monitoring tools and systems within cloud environments.
  • Investigate and respond to security alerts and anomalies detected by monitoring systems.
  • Develop, update, and enforce information security policies, procedures, and standards.
  • Ensure compliance with relevant legal and regulatory requirements, such as GDPR, HIPAA, and PCI-DSS.
  • Conduct security awareness training for employees to promote a culture of security within the organization.
  • Implement Zero Trust architecture principles to enhance security.
  • Employ multi-factor authentication (MFA) across all critical systems.
  • Utilize encryption for data at rest and in transit.
  • Regularly update and patch systems and applications to protect against known vulnerabilities.
  • Implement and manage security incident and event management (SIEM) systems to centralize and analyze security events.
  • Provide guidance and mentorship to junior security team members.
  • Lead security projects and initiatives, ensuring timely and successful completion.

Requirements

  • Bachelor's degree in Computer Science, Information Technology, Cyber Security, or a related field.
  • CISSP certification required; other advanced degrees or certifications (CISM, CEH, AWS Certified Security Specialty, Microsoft Certified: Azure Security Engineer, Google Professional Cloud Security Engineer, etc.) preferred.
  • Minimum of 5-7 years of experience in cyber security, with a focus on security engineering, cloud security, and incident response.
  • Proficiency in security tools and technologies relevant to multiple cloud environments.
  • Strong understanding of cloud security principles, network security, encryption, authentication, and access control.
  • Experience with cloud security management, including cloud-native security tools and third-party security solutions.
  • Experience with Cloudflare security configurations and management.
  • Knowledge of scripting and programming languages (Python, PowerShell, Bash, etc.).
  • Excellent problem-solving and analytical skills.
  • Strong communication and interpersonal skills.
  • Ability to work independently and as part of a team.
  • Leadership and project management capabilities.

Nice-to-haves

  • Experience with security compliance frameworks and standards (e.g., NIST, ISO 27001).
  • Familiarity with DevSecOps practices and tools.
  • Experience in a multi-cloud environment.

Benefits

  • Health insurance coverage.
  • 401k retirement savings plan with matching contributions.
  • Paid time off and holidays.
  • Professional development opportunities and training programs.
  • Flexible work hours and remote work options.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service