ForHire

SENIOR CLOUD SECURITY ENGINEER

Alarm.com
Full-time
Tysons, Virginia
Posted on 5 months ago

Job Description

The Senior Cloud Security Engineer will enhance the security of cloud environments across AWS, GCP, and Azure by identifying and mitigating security risks, utilizing cloud-native security tools, and managing security solutions. The engineer will collaborate with teams to integrate security into the software development lifecycle and maintain threat models, ensuring compliance and responding to security queries.

Responsibilities

  • Experience in cloud security or engineering in public cloud providers AWS, GCP, and Azure
  • Evaluate, review, and deploy cloud native security tools in AWS and Azure
  • Hands-on experience with monitoring, configuring rules, and enforcement using cloud security platforms such as CNAPP, CSPM, CWPP, CASB and CIEM
  • Lead network security initiatives with a primary focus on Cisco technologies
  • Utilize the Wiz tool for cloud security posture management
  • Select and acquire additional security solutions or enhancements to existing security solutions
  • Determine, monitor and maintain our security posture, in collaboration with Engineering
  • Oversee and manage the deployment, integration and configuration of security solutions
  • Collaborate with development, operations, and security teams to integrate security into all phases of the software development lifecycle
  • Implement and manage security policies, firewall configurations, and network segmentation strategies
  • Oversee the deployment and security of F5 technologies and WAF at the edge
  • Develop and implement DDoS protection strategies
  • Recommend actions/practices to management in order to ensure compliance with security and regulatory requirements
  • Suggest actions in order to mitigate risk in any activity that potentially impacts security
  • Craft responses to client and partner security questionnaires

Requirements

  • B. A. or B.S. (or higher-level degree) in Computer Science or a similar engineering program
  • 7+ years of Cloud Information Security experience, with a focus on public cloud providers such as AWS, GCP, and Azure
  • AWS Security, CISSP, CISA, OSCP or other information security certification
  • Security certifications such as Cisco CCNP Security, AWS Security, CISSP, CISA, OSCP are a plus
  • Experience in performing security reviews of cloud application designs, source code and deployments
  • Knowledge and stay up to date on the latest cloud security advisories, alerts and vulnerabilities
  • Strong verbal and written communication skills
  • Rigorous attention to detail and focus on quality of deliverables
  • Expertise in AWS services like EC2 & ECS, WAF & VPC configuration & IAM rules, and cloud security platforms such as CNAPP, CSPM, CWPP, CASB, CIEM
  • Familiarity with Infrastructure as Code (IaC) tools like Terraform/CloudFormation
  • Comfortable with Python and able to read Java
  • Proven team experience and comfort in a team-oriented environment

Benefits

  • No benefits