Senior Information Security Engineer (Cloud) is a part of our Cybersecurity Engineering team consisting of a diverse team of hands-on technical security professionals who are collectively responsible for designing, implementing, managing, and monitoring the overall security posture of the organization. This position requires practical knowledge of cloud security concepts, software development, and continuous integration/delivery. This role is focused on primarily on GCP security.

•Partner with teams across the company to continually optimize our security posture while maintaining a hyper-focus on the reliability and stability of our cloud business environments. •Support initiatives requiring innovation, automation, and integration in the various clouds (GCP, AWS, Azure). •Work with other teams to design secure cloud architectures •Design, implement, and configure cloud security controls •Develop and evaluate security controls on cloud-native solutions •Implement identity and access management and securely configuring cloud environments •Strengthen cloud applications by identifying opportunities for improvement, making recommendations, and designing and implementing security enhancements •Participate in cloud security architecture design and reviews •Identify security design gaps in existing and proposed architectures and recommend changes or enhancements •Lead security efforts assisting with the integration and initial implementation of solutions •Conduct cloud security assessments to identify threats and detect security vulnerabilities •Analyze, diagnose, and implement fixes for detected and reported security issues •Operationalize security in cloud environments •Develop cloud security policies, standards, and procedures •Understanding of risk management processes (such as methods for assessing and mitigating cyber risk). •Use decision making behaviors that require analytical, interpretative, and creative thinking that may not conform to established patterns to solve security problems. •Provides consultation on technology to address security gaps which enable business processes. •Meet with project teams and other system architects to develop system designs and project plans that include the appropriate security controls and meet security standards. •Represent security concerns with all technology projects within the organization.

EDUCATION REQUIREMENTS
Education Level
GED
Bachelor Degree
Area of Specialization
Computer Science and Information Systems

LICENCES/CERTIFICATIONS
Driver’s license for business travel, or other reason
CCSK, CCSP, Google Cloud Professional Certification, CISSP, CI

WORK EXPERIENCE
in Implementing security controls in cloud environment
GCP experience is a must, AWS and Azure are nice to have
Experience implementing controls from the CSA Cloud Controls Matrix (CCM)
Experience creating CI/CD pipelines
Experience with cloud security tools
Experience using Git or similar distributed version control systems
Proficient in using Windows/Linux from a terminal
Deep knowledge of Information Security principles and an understanding of the Cyber Kill Chain, MITRE ATT&CK and other information security defense and intelligence frameworks
Knowledge of networking and web protocols (TCP/IP, HTTP, TLS, REST), and the ability to analyze traffic to find anomalies
Understanding of modern cloud technology components and deployment patterns: virtual machines, containers, Kubernetes, serverless, service mesh, infrastructure as code, etc.
Experience writing secure Terraform code
Working knowledge of one or more general purpose programming/script languages including but not limited to: Java, C/C++, C#, Python, JavaScript, Bash and PowerShell

The compensation range for this position is likely going to be in the $140-150k range.