Job Description

Job Summary:

A Cloud Security Engineer specializes in providing security for cloud-based digital platforms and plays an integral role in protecting an organization's data. This may involve analyzing existing cloud structures and creating new and enhanced security methods.

Job responsibilities can include creating cloud-based programs, performing threat simulations to detect possible risks, and providing security recommendations on topics like micro-server design or application development that will investigate, create, and recommend innovative technologies or other methods that will enhance the security of cloud-based environments.

Job Duties:

• Collaborates with Security Architect on standards, configuration recommendations, and reviews
• Operates and manages cloud security platforms to include Cloud Security Posture Management and other technology solutions like (CWPP, CIEM, CNAPP) (examples: Wiz, VMWare CloudHealth, Orca)
• Reviews results from configuration management/testing, profiling, and assessment tooling to address vulnerabilities, mis-configurations or access risks
• Reviews results from Cyber Asset Attack Surface Management (CAASM) tools (examples: Xpanse, RiskIQ, Censys, Axonius) and recommends and tracks remediation
• Collaborates with other teams in IT to manage BDO USA's technical estate
• Investigates emerging cyber threats in BDO's cloud environments and works with staff on recommending and implementing defensive actions
• May perform maintenance and enhancements of existing security alerts to reduce false positives
• Participates in Incident Response Team as needed, which includes monitoring for and determining Indicators of Compromise
• Collaborates with Security Operations professionals to analyze triaged security alerts to determine the appropriate escalation and remediation paths
• Partners with other Information Technology professionals to recommend configuration changes or configuration standards to enhance security
• Partners with other Information Technology professionals to evaluate and recommend security settings for cloud environments and applications
• May collaborate with Service Desk Technicians to develop knowledge articles and documentation for common security related procedures
• May develop monthly reporting metrics for IT leadership and present findings to management
• May perform day-to-day monitoring, management, and threat hunting activities of assigned systems
• Adheres to BDO and department policies and procedures
• Other duties as required

Supervisory Responsibilities:

• N/A

Qualifications, Knowledge, Skills and Abilities:

Education:

• High school diploma/GED, required
• Bachelor's Degree in Technology related field, Computer Science, or Information Technology, preferred

Experience:

• Three (3) or more years of experience providing IT systems security support or incident response, required
• Two (2) or more years of Azure or AWS cloud security experience, preferred
• Two (2) or more years of experience in Cloud Security Posture Management tools, (Wiz, Orca, CloudHealth or equivalent) preferred

License/Certifications:

• CCSP - Certified Cloud Security Professional, preferred

Software:

• Knowledge of one (1) or more of the following, preferred:
  • Microsoft Azure, Amazon AWS cloud environments, specifically security focused
  • Cloud security tools such as Cloud Access Security Brokers (CASB) or equivalent
  • Strong understanding of Linux, Windows, and networking equipment operating systems
  • Microsoft Windows (server and workstation) relating to security & patch management
  • Basic understanding of ticketing systems
  • Intrusion detection, containment, and remediation procedures
  • Encryption Algorithms(PKI/Kerberos/IPSEC/SSL)
  • Vulnerability management systems
• Experience with technologies related to web application firewalls, SIEM, preferred
• Experience with scripting languages such as PowerShell or Python, preferred

Language:

• N/A

Other Knowledge, Skills & Abilities:

• Strong verbal and written communication skills
• Excellent interpersonal and customer relationship skills
• Ability to work in a deadline-driven environment while handle multiple complex projects/tasks simultaneously with a focus on details
• Ability to successfully multi-task while working independently or within a group environment
• Familiarity with various regulatory policies (PCI, HIPAA, GLBA and other statutory regulations) as they relate to data security and IT policies, procedures, and standards
• Basic awareness of PCI-DSS, ISO 2700x, FISMA, and other industry recommended security frameworks
• Strong understanding of security breach detection and mitigation
• Ability to rely on extensive experience and judgment to plan and accomplish goals
• Ability to work well under pressure while dealing with unexpected problems in a professional manner
• Ability to communicate and interact with all levels of employees and management
• Ability to interact and build consensus among people
• Ability to work after standard business hours and travel

Individual salaries that are offered to a candidate are determined after consideration of numerous factors including but not limited to the candidate's qualifications, experience, skills, and geography.

Range: $110,000 - $115,000

#remote

About Us

BDO delivers assurance, tax, digital technology solutions and financial advisory services to clients throughout the country and around the globe. We offer numerous industry-specific practices, world-class resources, and an unparalleled commitment to meeting our clients' needs. We currently serve more than 400 publicly traded domestic and international clients.

• Unparalleled partner-involvement
• Deep industry knowledge and participation
• Geographic coverage across the U.S.
• Cohesive global network
• Focused capabilities across disciplines

BDO brings world-class resources and exceptional service to each and every one of our clients. BDO USA is a member of BDO International, the world's fifth largest accounting network.

BDO offers a competitive Total Rewards package that encompass so much more than - "traditional benefits". Our wide range of rewards and our employees' ability to customize rewards to their individual needs are two of the reasons why BDO has been honored with so many workplace awards, including 100 Best Companies for Working Parents, Working Mother 100 Best Companies, Top Entry Level Employer, 2022 National Best & Brightest Companies to Work For and more.

Some examples of our Total Rewards offerings include:

• Competitive pay and eligibility for an annual performance bonus.
• A 401k plan plus an employer match
• Comprehensive, medical, dental, vision, FSA, and prescription insurance from day one
• Competitive Paid Time Off with daily accrual from day one of employment, plus paid holidays
• Paid Parental Leave
• Adoption Assistance
• Firm paid life insurance
• Wellness programs
• Additional offerings include BDO Flex, Group Legal insurance, Pet insurance and Long-Term Care Insurance

Above offerings may be subject to eligibility requirements.

Click here to find out more!