Senior Cloud Security Engineer

Senior Cloud Security Engineer

Alameda, CA

$200K-$220K/year

Visa Transfer for those that have 1 year or more remaining on an H1B Visa

Job Description:

The Senior Cloud Security Engineer will be a member of the Information Security & Compliance team. This role will have a highly technical hands-on, analytical, and process-oriented focus. The Sr. Cloud Security Engineer will collaborate with product teams, be responsible for engineering security solutions and operational support across a hybrid cloud environment, ensuring compliance with legal and regulatory requirements, maintaining company information security policies, standards, and industry best practices.

· Responsible for the design and development of innovative security solutions for protecting applications and data deployed into the cloud.

· Develop and sustain the security vision and strategy for all deployments across infrastructure and software, leveraging native and 3rd party products where applicable.

· Improve security reporting, including coordinating vulnerability management, penetration testing, and infrastructure compliance.

· Develop security dashboards providing overall security posture and ensure that deviance from the norm is visible and acted upon appropriately.

· Hands-on responsibility for all of Azure cloud security and enterprise SaaS application security.

· Continuously monitor the effectiveness of security controls through comprehensive assessments across domains such as IAM, secure CI/CD pipeline, Incident Management, Vulnerability Management, and red-teaming exercises.

· Collaborate with the operations team on SOC tools i.e., SIEM, UEBA, NDR, SOAR, defining use cases and ensure full coverage of MITER framework.

· Identify, track, and resolve all security issues and gaps across Azure tenant, cloud infrastructure and functional services across IaaS, PaaS, SaaS, CaaS etc.

· Build, deploy, and manage security tools, automate security controls, processes, and services.

· Evaluate and respond to alerts and events from security tools, finetune security configurations to minimize false positives.

· Develop event response documentation and processes, including diagrams for system environments, cloud operations, and security tools.

· Collaborate with security leadership, engineering, and compliance to execute security strategies and roadmaps.

· Assist other teams in solving security issues in a manner that complies with business requirements and best practices.

· Review company architecture and design through a security lens to provide actionable, timely requirements and recommendations.

· Serve as a subject matter expert for security tools, applications, and processes.

· Develop, enforce, and audit cloud security policy, standards, and procedures.

· Responsible for IT general controls across cloud services.

· Adhere to the Company’s Quality Management System (QMS) as well as domestic and global quality system regulations, standards, and procedures.

· Understand relevant security, privacy and compliance principles and adhere to the regulations, standards, and procedures that are applicable to the Company.

· Ensure other members of the department follow the QMS, regulations, standards, and procedures.

· Perform other work-related duties as assigned.

· Bachelor's degree in computer science or related field with 8+ years of experience, or equivalent combination of education and experience

· Azure cloud certification is required (i.e., Azure Security Engineer, Azure Administrator)

· 8+ years of hands-on experience working with Azure cloud technologies covering Network, IAM, Application and Data Security domains.

· Other Network & IAM certifications preferred, i.e., CCNP, JNCP, CIAM etc.

· Hands-on experience deploying and customizing all Azure security tools and other third party security tool set.

· Hands-on experience using CI/CD pipelines for change management, automated security configuration and enforcement.

· Hands-on experience with Azure Directory services, PaaS services security, Azure policies and analytics.

· Hands-on experience with IBM QROC (QRadar on Cloud) SIEM, UEBA, NDR, SOAR tools, fully proficient with Areal Query Language (AQL), defining use cases and ensure full coverage of MITER framework.

· Programming experience in a higher-level language such as NodeJS, Ruby, Chef, Puppet, YAML, JSON, and/or Python

· Expert level understanding of API based security and compliance standards, Unix/Linux, Windows operating systems and scripting.

· Good understanding and expertise of tools such as Ansible, Terraform, CI/CD, (Jenkins, Github, etc.) Docker and Kubernetes

· Experience defining cloud security policies and standards.

· Experience with Log management, EventHub and/or correlation systems/ services.

· Ability to write SQL queries and build dashboards and reports.

· Knowledge of modern cloud technology components and deployment patterns

· Strong collaboration and presentation skills

· Strong analytical problem-solving skills.

· Excellent oral, written, verbal and interpersonal communication skills

· High degree of accuracy and attention to detail

· Proficiency with MS Word, Excel, and PowerPoint

· Excellent organizational skills with ability to prioritize assignments while handling various projects simultaneously