Cloud Security Engineer Job Description
Cloud Security Engineer Duties & Responsibilities
To write an effective cloud security engineer job description, begin by listing detailed duties, responsibilities and expectations. We have included cloud security engineer job description templates that you can modify and use.
Sample responsibilities for this position include:
Cloud Security Engineer Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Cloud Security Engineer
List any licenses or certifications required by the position: AWS, CISSP, CCSP, GPCS, CCSK, CISM, GSEC, X509, CSSP, CISA
Education for Cloud Security Engineer
Typically a job would require a certain level of education.
Employers hiring for the cloud security engineer job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Engineering, Information Security, Information Technology, Technical, Education, Information Systems, Computer Engineering, Cyber Security, Business
Skills for Cloud Security Engineer
Desired skills for cloud security engineer include:
Desired experience for cloud security engineer includes:
Cloud Security Engineer Examples
Cloud Security Engineer Job Description
- Provide subject matter expertise on, and conduct in-depth security reviews of, new OS, database, middleware, solutions as they are identified for use
- Ensure our cloud environments comply with industry standard security benchmarks
- Support the regulatory compliance initiatives, processes, and documentation for ISO 27001, FedRAMP, SOC2, etc…
- Develop scripts and automation to scale and accelerate the implementation and audit of security configurations, risks, and assessments
- Reviewing new technologies and products for security implications
- Advising, influencing and educating the rest of the company on matters of compliance and security
- Designs, develops and implements new cloud security technologies to support DTCC business and technology solutions
- Assess and understand the company's current security posture and future architecture, providing a viable solution path to bridge the gap
- Research and architect solutions to solve security and compliance requirements
- Assists the Cloud Network team in performing security design, analysis and recommendation for a wide variety of IT systems and technologies
- Experience with Load Balancing LB using edge nodes
- At least 1 year of experience in Networking or Unix / Linux Server
- At least 1 year of experience in scripting
- Bachelor’s Degree in Information Systems, or Bachelor’s Mathematics
- At least 1 year experience with Cloud Services
- Distributed systems and cloud services experience is desirable, experience with fuzzing frameworks and exploitation frameworks (such as Metasploit, etc) is preferred
Cloud Security Engineer Job Description
- Automate security testing and auditing to prevent regressions and catch issues before they reach production
- Codify traditional security processes to take humans out of the equation making security consumable as a service
- Provide security expertise on system, network, encryption, authentication, and governance
- Provides hands on supports to the IT security systems administration, IR team, and architecture development team, including monitoring and capacity planning
- Acts as the senior technical representative for Enterprise Security while engaging with other senior technical leaders throughout organization in design and implementation of cloud and cloud/hybrid based implementations and solutions
- Drive the security standards and tool strategies for public and private cloud solutions
- Conduct technology assessments to establish and validate an enterprise security baseline and establish a technical direction
- Set technical standards for Cloud infrastructure, containers, security baselines, policies and procedures
- Develop and implement security controls for various cloud infrastructure providers (Heroku, Azure, GCP, Packet.net)
- Analyze security configurations and provide vulnerability reports
- Scripting Languages (Python, Java, Perl)
- 5+ years of developing software with object-oriented languages like Python, Java, C++, or Ruby
- A commitment to security best practices
- Experience with cloud services, know the pitfalls and potential security problems with traditional cloud deployments
- Participate on automation of incident prioritization, false positives identification, correlation, vulnerability remediation
- Bachelor's Degree or equivalent and at least 3 years of relevant experience
Cloud Security Engineer Job Description
- Build automation to actively audit the infrastructure for security misconfigurations
- Support vendor and partner security assessments
- Work closely with product and platform teams to engineer and implement cloud security controls with a focus on DevSecOps
- Implement a tools driven and highly automated approach to deliver our key security management processes by exploiting investment in existing tooling
- Respond to and, when appropriate, resolve or escalate security incidents
- Develop security and compliance capabilities in support of DevOps processes
- Responsible for a combination of system administration and platform engineering with direct responsibility for the builds and ongoing support of multiple environments
- Collaborate with other engineers, the client team, to continue finding new areas that can be improved by bringing a DevOps mindset to public clouds, private clouds, backup systems and monitoring solutions
- Serve as an escalation point for builds, implementations, and support issues
- Help establish best practices, migration strategies, and work with engineers to build environments that adhere to industry best practices
- Database programming and administration
- Experience with XEN based virtualization stack such as OpenStack Nova, CloudStack or equivalent virtualization technology such as KVM, HyperV, VSphere
- Experience with XEN hypervisor, XEN tools and library
- Advantage - Contributor to XEN open source project
- Understanding of core concepts for Public/Private/Hybrid clouds (networking, security groups, IAM)
- 5 + years of security experience in three or more areas
Cloud Security Engineer Job Description
- Excited to not only practice security but teach and promote it within the organizations
- Champion Security within the organization
- Serve as the primary interface to governance, compliance, and risk management teams to ensure the system consistently meets the requirements for certification and accreditation
- Oversee cloud monitoring systems and processes, recommend improvements, perform optimization and tuning, ongoing capacity monitoring
- Develop cloud monitoring and response use cases and supporting content to augment existing monitoring processes
- Managing day-to-day operations of the WAF products and fine tune exceptions lists
- Assisted Genesis Cloud teams with technical issues
- Remains up to date on current and new Cloud technologies to determine relevancy and applicability
- Generates and maintains metrics for trending
- Analyzes and maintains performance data to monitor usage and optimization of the Cloud architecture
- Experience with Cloud EC2, IAM, Cloud Formation, VPC, Security Groups, Cloud WAF, Puppet, Jenkins, Ansible
- Working proficiency with work tracking systems such as JIRA, Workfront, Pivotal
- Experience with the development, deployment and automation of security solutions in large enterprise environments to connect to cloud solutions such as AWS and Azure while maintaining secure operations
- Log management and/or correlation systems (Splunk, ELK, Loggly, Sumo Logic)
- 1-3 years of relevant experience, including experience with Amazon Web Services (AWS) environment, or another leading cloud provider
- Brief management, as needed, on the status of action items and/or results of these activities
Cloud Security Engineer Job Description
- Facilitate security automation by working with cloud service provider APIs, SDKs, and custom source code
- Use standard security frameworks to perform gap analysis between different cloud providers, cloud type, and level of certification in the context of compliance efforts
- Leads efforts to implement security policies and remediation processes
- Identify, design and implement flexible, responsive, and secure technology platforms focused around IaaS and PaaS platform including containerization and micro-services
- Protect the services Firefox depends on from compromises
- Write, maintain, and expand automation scripts and monitoring tools
- Work with developers and operators across the organization to keep the Firefox backend infrastructure safe
- Research and propose automated system and code analysis solutions
- Work with internal IT teams to achieve internal system certifications
- Build AMI and Docker Image life cycle management systems to integrate with the vulnerability scanning solutions to provide image rehydration based on vulnerability scanning assessments
- Experience with network monitoring solutions/security containers as offered by popular cloud providers (VNS3, Illumio)
- Proficient with several languages, at least one in Scala, Java, Python, Ruby, Shell, Javasript, C/C++
- Familiarity with frameworks and technologies such as Akka, Hadoop, Spark, Rails, Django
- Secret Clearance or the ability to attain a Secret Clearance
- Familiarity working in Linux environments
- Experience with cloud platforms, either public or private