This job is closed
We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.
State of Arkansas - Lincoln, AR
posted about 2 months ago
About the position
The Senior Cloud Security Engineer at Arvest is a senior-level role focused on enhancing the security of enterprise information and systems. This position involves determining security requirements, planning, implementing, and testing security systems, and mentoring team members. The engineer will play a crucial role in transitioning the organization from an on-premises banking model to a cloud-based environment, collaborating closely with engineers and software developers to address their security needs.
Responsibilities
- Design, create, and execute security controls to identify, protect, detect, and respond to risks against the Arvest cloud.
- Configure and maintain tooling to assess vulnerabilities/risks affecting data integrity, availability, or confidentiality in the cloud.
- Develop and maintain cloud security architecture processes and artifacts aligned with business, technology, and threat drivers.
- Oversee the development of baseline security configuration standards for cloud technologies.
- Provide standards and practices for data encryption and tokenization based on data classification criteria; securely migrate these to a cloud environment.
- Validate security configurations and access to security infrastructure tools, including firewalls, IPSs, WAFs, and anti-malware systems.
- Ensure a complete and accurate inventory of all systems, infrastructure, and applications logged by SIEM or log management tools.
- Review network segmentation to ensure least privilege for network access.
- Collaborate with the BCM team to validate security practices for BCM testing and operations during failover.
- Track developments and changes in the digital business and threat environments to ensure adequate responses.
- Participate in application and infrastructure projects to provide security planning advice.
- Serve as the primary liaison between Enterprise Architects and Systems Security Engineers, coordinating with product family owners on security controls allocation.
- Work closely with business and IT to monitor and improve Arvest's cloud privacy and security controls.
- Participate in cybersecurity and business-related councils or working groups as needed.
- Identify security design gaps in existing and proposed architectures and recommend changes or enhancements.
- Understand and comply with bank policy, laws, regulations, and the bank's BSA/AML Program.
Requirements
- Proven experience in cloud security engineering and architecture.
- Strong understanding of security controls and risk management frameworks.
- Experience with security tools such as firewalls, IPSs, WAFs, and SIEM systems.
- Knowledge of data encryption and tokenization practices.
- Ability to assess vulnerabilities and risks in cloud environments.
- Experience in developing security policies and standards.
- Strong analytical and problem-solving skills.
- Excellent communication and collaboration skills.
Nice-to-haves
- Certifications in cloud security (e.g., CCSP, AWS Certified Security Specialty).
- Experience with compliance frameworks (e.g., PCI-DSS, ISO 27001).
- Familiarity with DevSecOps practices.
- Knowledge of banking regulations and compliance requirements.
Benefits
- Health insurance
- 401k retirement plan
- Paid holidays
- Professional development opportunities
- Flexible scheduling
