The Security Engineer will report to the VP of IT Security and play a critical role in safeguarding the organization’s cloud-based systems and data. Your primary responsibility will be to assess and manage potential security risks, ensuring that the organization’s cloud infrastructure remains resilient against cyber threats. You will collaborate with cross-functional teams to develop security policies, implement controls, and monitor the network for any suspicious activity.
The most important criteria for joining our team are:
- Empathetic and servant leadership
- Excellent written and verbal communication skills
- Ability to complete tasks efficiently with little oversight
- Understanding the importance of delivering quality solutions to Associates and companies
- Continuous professional development and growth
***This role is a hybrid position and will be in the office 2-3 days per week***
ESSENTIAL JOB DUTIES & RESPONSIBILITIES:
Position Requirements:
Cloud Security Engineer
- Conduct security analyses of cloud-based infrastructure, identifying vulnerabilities and potential risks.
- Assess threats and develop defenses to prevent cyberattacks, data breaches, and unauthorized access.
- Stay informed about emerging security threats and industry best practices.
- Monitor and respond to alerts and events from security tools
- Create and execute strategies to secure and protect cloud environments and data resources
- Respond to security incidents (on-call rotation)
Policy Development:
- Develop and maintain security policies and procedures specific to cloud environments.
- Ensure compliance with relevant security standards (e.g., ISO 27001, NIST (National Institute of Standards and Technology), CIS).
Training and Awareness:
- Provide training to associates on Azure and M365 security best practices.
- Respond to requests and questions from associates.
- Foster a security-conscious culture within the organization.
Incident Response:
- Assist in incident response efforts related to cloud Azure and M365 security incidents.
- Collaborate with incident response teams to investigate and mitigate security breaches.
Monitoring and Detection:
- Monitor cloud systems for signs of unauthorized access, anomalies, or suspicious behavior.
- Implement and manage security tools and services within AWS, Azure, or other cloud platforms.
Security Architecture:
- Assist in creating and designing cloud security architectures.
- Collaborate with the various companies so that you can help tune security controls and suggest other controls that may be needed.
- Installation, configuration, and administration of host, cloud, and network-based security tools
QUALIFICATIONS – EDUCATION, WORK EXPERIENCE, CERTIFICATIONS:
Required
- Bachelor's degree in computer science, Information Security, or a related field.
- Experience: Minimum of 3 years as an Azure security analyst or engineer, with a focus on cloud security.
- Experience with Microsoft Purview, Azure Security Center, and Microsoft Defender for Cloud.
- Strong understanding of networking, encryption, and access controls.
- Excellent communication and teamwork skills.
- Solid scripting skills to automate security tasks using Azure’s scripting capabilities.
Preferred
- Certifications such as CCSP (Certified Cloud Security Professional), CISSP (Certified Information Systems Security Professional), Azure Security, or equivalent.
- Working knowledge of security tools such as Vulnerability Management, Endpoint Detection and Response. Malware Detection, Phishing tools, etc.
- Experience working with 3rd party support originations to track and resolve product issues
- Experience writing up after action reports to describe situations and actions taken
KNOWLEDGE, SKILLS, AND ABILITIES:
Necessary Skills:
- Advanced problem-solving/troubleshooting aptitude.
- Stay current with security technologies, trends, and developments
- Ability to work independently or with a team
- Follow-up and follow through with commitments, exhibiting initiative
- Strong verbal and written communications skills
- Knowledge of how to use Azure Security Center to provide a unified security management system that strengthens the security posture of data centers and provides advanced threat protection across hybrid cloud workloads.
- Familiarity with network security features in Azure, including Network Security Groups (NSGs), Application Security Groups (ASGs), and Azure Firewall.
- Ability to manage identities, provide secure access to resources, and monitor activities to ensure user legitimacy.
- Proficiency in implementing encryption methods and data protection mechanisms to safeguard sensitive information.
- Deep understanding of networking and virtualization concepts, as well as cloud N-tier architecture.