Job Summary:
Our client is seeking a Cloud Security Engineer who designs, implements, and manages secure cloud architecture, protecting cloud-based assets from potential threats. This role develops and enforces cloud security policies, conducts risk assessments, and ensures compliance with industry standards. This is a hybrid role located in Milwakee, WI!
Duties:
- Collaborate with IT, development, and operations teams to embed security into every aspect of the cloud and application security lifecycle
- Advocate for security best practices, raising awareness and driving a security-first culture across the organization
- Develop and implement automated security solutions to streamline security processes, improve efficiency, and enhance response capabilities
- Collaborate with architecture and IT to design, implement, and manage security measures for our cloud environments
- Develop and enforce security best practices for Infrastructure as Code (IaC) to ensure secure deployment and configuration management
- Secure containerized environments, including Docker and Kubernetes, and ensure compliance with security benchmarks.
- Partner with DevOps teams to integrate security into the CI/CD pipeline for container deployment and management
- Along with the Senior Application Security Engineer, lead application security initiatives, including secure code reviews, vulnerability assessments, and web application penetration testing
- Develop and maintain application security standards and guidelines, ensuring they are integrated into the software development lifecycle
- Stay abreast of the latest security threats, trends, and technologies, especially in cloud, IaC, and container environments
- Proactively identify and investigate security threats by analyzing security logs, conducting threat hunting exercises, and implementing advanced detection mechanisms
- Continuously evaluate and improve security tools and processes to address evolving security
- Be action oriented, demonstrating high energy and an action-oriented approach to challenging work tasks, with a willingness to act swiftly and with minimal planning when opportunities arise
- Build strong peer relationships by finding common ground and fostering problem-solving for mutual benefit, advocating for information security interests while remaining equitable to other groups, promoting teamwork and cooperation, and maintaining open and honest communication with colleagues
Desired Skills/Experience:
- Bachelor’s or Master’s Degree in Computer Science, Engineering, Information Security or extensive professional experience considered in place of a Bachelor's degree
- 7+ years of experience in Information Security within cloud-native or SaaS technology environments
- 3+ years of hands-on experience securing Infrastructure as Code, Application Security, and Policy as Code (PaC) using coding languages such as Python, Go, JavaScript, or YAML
- 2+ years of experience automating and scaling CIS benchmarks or equivalent standards
- Proficiency in cloud platforms such as AWS, Azure, and GCP, container orchestration tools (Kubernetes, Docker), and Infrastructure as Code (Terraform, Ansible)
- Experience in application security practices and tools, including static and dynamic analysis and familiarity with OWASP standards
- Ability to be action oriented, demonstrating high energy and an action-oriented approach to challenging work tasks, with a willingness to act swiftly and with minimal planning when opportunities arise
- Ability to build strong peer relationships by finding common ground and fostering problem-solving for mutual benefit, advocating for information security interests while remaining equitable to other groups, promoting teamwork and cooperation, and maintaining open and honest communication with colleagues
- Strong analytical, problem-solving, and communication skills
- Ability to work collaboratively in a dynamic environment
- Extensive experience writing technical and business-friendly security documentation
- Strong written and verbal communication skills in English
Benefits:
- Medical, Dental, & Vision Insurance Plans
- 401K offered