MissionStaff specializes in delivering top-tier talent in Technology, Creative, and Marketing, as well as the Business Services that support these teams. Serving companies ranging from mid-sized enterprises to the Fortune 500, we build lasting relationships with talent and clients to power career opportunities and business. We are currently filling the following permanent role with our client in San Jose. CA but the job is 100% remote any where in the US or Canada
Please note that we do not accept unsolicited resumes from third-party recruiters or agencies. Additionally, candidates must be U.S. citizens , Permanent Residents or Canadian Citizen to be considered for this position.
We are currently seeking a highly skilled and experienced Lead Cloud Security Engineer
We are in search of a seasoned Senior Cloud Security Specialist with proven expertise in securing cloud platforms, particularly AWS and Azure. The ideal candidate will possess hands-on experience in cloud security, with a comprehensive understanding of key areas such as Identity and Access Management, Data Protection, Infrastructure Security, Logging and Monitoring, Incident Response, and Compliance Frameworks like CIS and NIST. Exceptional communication skills and the ability to collaborate seamlessly with stakeholders across various teams are essential.
About You
You are a technically adept leader with a robust background in developing and implementing secure cloud architectures. Your strength lies in utilizing a risk-based cybersecurity and data privacy strategy, defining security patterns, and creating roadmaps and operating models that foster collaboration. You are experienced in facilitating industry-standard information security governance, advising senior leadership on cybersecurity and privacy risks, threats, and investment strategies, and documenting policies and procedures to manage information security risks effectively.
Key Responsibilities
- Secure cloud platforms (AWS and Azure) by applying best practices and adhering to industry standards.
- Develop and implement Identity and Access Management strategies to ensure secure access control.
- Implement data protection measures to safeguard sensitive information within cloud environments.
- Enhance infrastructure security through appropriate configurations and security controls.
- Establish logging and monitoring mechanisms to detect and respond to security incidents.
- Build and maintain detective controls to identify and mitigate potential security threats.
- Lead incident response efforts to address security breaches or vulnerabilities.
- Ensure compliance with relevant regulatory requirements and industry standards.
- Review cloud architecture designs and provide recommendations for security enhancements.
- Communicate security risks and best practices to both technical and non-technical stakeholders.
- Automate security processes and tasks through programming skills.
- Demonstrate a deep understanding of network concepts and their application in cloud security.
- Secure CI/CD pipelines and processes (DevSecOps).
- Streamline security operations and improve efficiency through automation initiatives.
- Serve as a subject matter expert (SME) in cloud security, offering guidance and support to the team.
- Assist in the investigation and resolution of security alerts.
- Exhibit leadership qualities to mentor junior team members and drive security initiatives forward.
Core Skills Required
- A degree in Engineering, Computer Science, or Information Technology.
- 5-8 years of experience in developing and deploying security architectures or engineering solutions.
- Must have relevant security certifications (e.g., CISSP, CCSP, CCSK, AWS Certified Security Specialty, Microsoft Certified Solutions Expert).
- Expertise in Identity and Access Management (IAM) and data protection strategies.
- In-depth understanding of infrastructure security principles and practices.
- Hands-on experience with logging and monitoring tools for cloud environments.
- Strong communication skills with the ability to engage effectively with stakeholders.
- Knowledge of technical security control environments and compliance frameworks (e.g., CSA CCM, ISO27001, ISO 27017, NIST).
- Proficiency in cloud architecture, operations, cloud-based identity access management, security, automation, and orchestration.
- Understanding of security protocols and standards, with experience in software and security architectures.
- Extensive experience with cloud-native security solutions.
- Strong knowledge of networking protocols, including low-level packet analysis, and familiarity with tools such as Kali, Wireshark, Burpsuite, Metasploit, Nmap, Fiddler, SQLMap, and Nessus.
- Knowledge of cryptography, key management, and cryptographic algorithms (e.g., RSA, AES, SSL vs. TLS, PKI).
- Experience with scripting (Python, Perl, Bash, PowerShell) and API integrations.
- Proven ability to build internal and external relationships and articulate complex security concepts to influence decision-making within a diverse corporate culture.
- Ability to lead comprehensive client meetings/workshops on a broad range of topics, including discovery, cloud compliance, and security.
- Strong programming skills with experience in API and webhook development using Python, Node.js, Ruby, PowerShell, and Shell scripting languages.
Nice To Have
- Familiarity with Cloud Security Posture Management (CSPM) tools.
- Experience deploying Exabeam Security Information and Event Management (SIEM) solutions.
- Proficiency with security tools such as Crowdstrike EDR, Tanium, Datadog, and similar platforms.
Strong technical skills (Forensics) for Incident Response.