This position is within the Information Security team, the Cloud Security Engineer (AWS and Azure) focused on analyzing and developing preventive, detective and responsive controls, includes but is not limited to refining and implementing an Identity Access Management (IAM) analysis & review framework across cloud environments. The candidates will apply their experience by implementing reliable, scalable, secure data driven process automation for managing the access life cycle of cloud services. The ideal candidate should have hands-on experience in Cloud Security Administration and hardening, especially in a large or complex environment.

• You Have 5+ years of experience in cybersecurity as a practitioner and with 2+ years exposure with Amazon Web Services (AWS), Microsoft Azure
• Hands-on experience in applying security to cloud technologies (Managing secrets, Securing CD pipeline, Secure Infrastructure as Code, Container Security) required
• Experience with implementing a cloud-based container vulnerability scanning tool required
• Cloud operations engineering skills to measure platform effectiveness and identify areas for improvement required
• Experience in Configuration Management (experience with Terraform based deployments) required
• Hands-on experience in driving end to end security for cloud product scanning, pen testing required
• Experience with Docker and Kubernetes required
• Experience with PRISMA, Nessus vulnerability scanning, Sysdig, Azure ATP, Windows Defender ATP anti-malware preferred
• Knowledge in IT Audit, IT Security, Information Risk Management, IT Governance or other IT Compliance related work preferred. Experience with HITRUST, HIPPA, GDPR and CCPA regulation requirements and documenting policies and procedures preferred
• Experience in IT architecture, infrastructure, cloud migration & development, engineering and software architecture design, business analysis, and DevOps preferred
• Knowledge of B2C Okta solution preferred
• Working knowledge of the TCP/IP suite of protocols. Conceptual knowledge of network and systems architecture. Network segmentation and cloud security architecture
• Knowledge of categories of malware and how they function (e.g., rootkits, trojans, adware, exploits, fileless)
• Experience in SIEM configuration and use across the response lifecycle. Knowledge related to patch and asset management systems. Patch Management and Vulnerability Assessments. Experience with Malware Analysis and Reverse Engineering
• Expertise in software security and penetration testing. Network and encryption experience, including SSL/TLS and public key infrastructure (PKI)
• This role requires threat and vulnerability assessment capabilities, experience with securing systems and applications across a wide variety of cloud infrastructures, creative problem solving, and a passion for learning.