Cloud Security Engineer

at Jefferies Financial Group
Published February 8, 2024
Location Atlanta, GA
Category Default  
Job Type Full-time  


Job DescriptionJefferies is seeking a Sr. Cloud Security Engineer to join as a Vice President in the Information Security team with accountability for researching, designing, engineering, implementing, and supporting cloud security solutions. The Cloud Security Engineer will be a hands-on engineering position that requires a high degree of technical expertise to directly interact with other engineering and application development teams to drive alignment on security requirements, influence decision makers, build relationships, and communicate strategy and architecture to the broader internal community while protecting the company’s assets. The candidate must be highly technical and adaptable to the rapid pace of financial services development and delivery. Candidate needs to be an excellent team player with good overall technical and communication skills and above all be self-motivated and drive the overall progress of Cloud Security at Jefferies.We look to hire people who are comfortable in working with minimal supervision as part of a team that has consistently delivers ground-breaking and innovative solutions in one of the most exciting and fast-moving areas of the financial markets vertical. We need people who can prioritize and effectively communicate complex issues. The candidate will have the following responsibilities:Key player for Cloud Security strategy, design, implementation across IaaS, PaaS, SaaS and FaaSEstablish and manage technical governance processes for cloud services.Assist with conducting third party vendor review and analysisDrive overall strategy and implementation of security processes, procedure, governance through a combination of preventive and reactive controls and policies in a multi-cloud environmentWork closely with application teams, Cloud Engineering and other infrastructure teams to support and implement security at every level of CloudDefine the preventative and detective guardrails for all IaaS, PaaS, SaaS, and FaaS environments; including shift-leftDefine the architecture for repeatability within IaCEstablish the cost-effective use of tools and automation within the cloud environmentsEstablish and maintain vendor relationshipsSkillsExperience collaborating with Infrastructure and Application teamsBasic understanding of servers, network, storage, and databasesDeep knowledge of core services from AWS and AzureExperience securing AWS, Azure and SaaS services in a highly regulated environmentProficiency in writing and reviewing Infrastructure as Code including CloudFormation and TerraformFamiliarity with NIST CSF and Cloud Security Alliance CCM frameworksExperience managing and supporting critical Developer infrastructure and secure SDLCUnderstanding of Application Security principles, SAST, DAST and web application vulnerabilities such as OWASP Top 10, their risk and remediationsAbility to identify and communicate risks and remediation to senior management and application teamsManage multiple projects simultaneously and can adapt to changing business needsWork well with cross functional global and remote teamsSelf-disciplined, self-starter who can provide leadership and mentor others while resolving complex incidents and delivering projectsAbility to analyze complex problems, propose effective solutions and understand and apply business vision and directionEstablish and maintain the Jefferies zone of trust Knowledge of cloud services secure connectivity techniques and servicesDesiredCISSP, CCSP, CCSK, AWS/Azure Security or additional certificationsExperience with Cloud-native security services and tools, Cloud Security Posture Management (CSPM), serverless and container securityExperience with SAST and DAST toolsExperience with using Atlassian DevOps tools including, Jira, Bitbucket and BambooExperience implementing, securing, and managing containerized and Kubernetes workloadsExperience managing a geographically diverse teamSkills: Python, PowerShell, and RESTUnderstanding of Application Security principles, SAST, DAST and web application vulnerabilities such as OWASP Top 10, their risk and remediationsThe salary range for this role is $140,000-$210,000.Jefferies Financial Group Inc. (‘‘Jefferies,’’ ‘‘we,’’ ‘‘us’’ or ‘‘our’’) is a U.S.-headquartered global full service, integrated investment banking and securities firm. Our largest subsidiary, Jefferies LLC, a U.S. broker-dealer, was founded in the U.S. in 1962 and our first international operating subsidiary, Jefferies International Limited, a U.K. broker-dealer, was established in the U.K. in 1986. Our strategy focuses on continuing to build out our investment banking effort, enhancing our capital markets businesses and further developing our Leucadia Asset Management alternative asset management platform. We offer deep sector expertise across a full range of products and services in investment banking, equities, fixed income, asset and wealth management in the Americas, Europe and the Middle East and Asia.At Jefferies, we believe that diversity fosters creativity, innovation and thought leadership through the infusion of new ideas and perspectives. We have made a commitment to building a culture that provides opportunities for all employees regardless of our differences and supports a workforce that is reflective of the communities where we work and live. As a result, we are able to pool our collective insights and intelligence to provide fresh and innovative thinking for our clients.Jefferies is an equal employment opportunity employer, and takes affirmative action to ensure that all qualified applicants will receive consideration for employment without regard to race, creed, color, national origin, ancestry, religion, gender, pregnancy, age, physical or mental disability, marital status, sexual orientation, gender identity or expression, veteran or military status, genetic information, reproductive health decisions, or any other factor protected by applicable law. We are committed to hiring the most qualified applicants and complying with all federal, state, and local equal employment opportunity laws. As part of this commitment, Jefferies will extend reasonable accommodations to individuals with disabilities, as required by applicable law.All employees must follow Jefferies’ COVID-19 protocol policy, which is subject to change. Full timePosting Date: 2023-11-15

Only registered members can apply for jobs.