|February 11, 2024
Job ID: W-2023-MB
Category: Information Security
Type: Permanent/ Full-Time
If you're looking for a high-energy, inclusive atmosphere and a company that understands the importance of work/life balance, Commonwealth is your match! From generous bonus and 401(k) programs to tuition reimbursement and flexible work schedules, Commonwealth is focused on helping its employees thrive in an environment suited to their needs. On top of all that, the Information Security department offers a hybrid work schedule, so you'll be able to work from home for part of the week!
We're looking for a cloud security engineer to join our ranks. As a cloud security engineer on the Security Architecture & Engineering team, you will be responsible for securing cloud workloads by implementing security controls that reduce threat surface, ensuring compliance, and responding to security incidents to protect an organization's cloud-based systems and data.
- Deploy various security measures such as firewalls, encryption, and access controls to protect data and resources in the cloud
- Ensure that the cloud architectures are designed with recommended security practices and standards following the principles of Cloud Adoption Framework. Working closely with application, network, and security teams to ensure that requirements are reflected appropriately in cloud architecture and design patterns
- Assess and mitigate risks associated with cloud services while ensuring compliance with relevant regulations and standards, such as NIST-CSF, ISO2700x and other compliance requirements
- Developing, implementing, and testing procedures for data backup and recovery as well as disaster recovery
- Measure cloud security posture against assigned polices are monitored continuously, implement security controls aimed at improving the score and manage any configuration drifts that deviates from desired security measures
- Write and maintain clear, concise documentation, runbooks, and operational standards, including infrastructure diagrams
- Act as a subject matter expert in Cloud Security area by organizing awareness sessions and training on a regular basis; educate and mentor product teams and junior engineers
- Work closely with other IT professionals, such as network engineers, system administrators, and developers to integrate security practices into all aspects of the cloud infrastructure
- Provide escalation-level support for the IT organization and the corporate HelpDesk; troubleshoot issues identified during the delivery of new or existing systems and resolving them in a timely manner
- Participate in several business projects to design, implement, and test security controls against functional workloads
Core Strengths and Skills
- 5+ years' experience in a security engineering role protecting cloud workloads, including IaaS, PaaS, and SaaS models
- Experience with commercial cloud offerings such as AWS, Azure and GCP
- Experience with implementing Cloud Security Posture Management (CSPM) and Cloud Workload Protection Products (CWPP)
- Strong attention to detail and an ability to manage and keep track of multiple tasks simultaneously
- Experience with continuous integration (CI)/continuous delivery (CD) models within an Agile/Scrum environment a plus
- Ability to work with infrastructure and application development teams to provide pragmatic security solutions and implement them within project timelines
- Experience in integrating IAM with cloud-hosted workloads
- Experience in implementing security through Infrastructure-as-code (IaC)
- Knowledge of securing Cloud-native technologies
- Knowledge of networking topologies and engineering, including DNS, Active Directory, Active Directory Federation Services (ADFS), firewalls, load balancers, and gateway devices
- Experience working with regulated environments (PCI, HIPAA, etc.)
- Ability to communicate and present complex information to technical and nontechnical stakeholders, both verbally and in writing
- Scripting knowledge that is aimed towards automation (E.g.: Bash scripting, PowerShell, Python etc.)
Have we piqued your curiosity? Can you see yourself thriving in this opportunity?
Picture Yourself Here
At Commonwealth, we believe in a better world. We hold ourselves and each other to higher standards. We take care of one another. That's why we invest in you-we encourage employee growth both in your career and education; we are building out a robust diversity, equity, and inclusion program; we offer incredible healthcare benefits; and we find plenty of occasions to celebrate. What's not to love?
We are always striving to be better, and we are looking for employees who share that same mindset. Better people, better coworkers, better leaders, better creators. Bring your best work and your full self to the table, and we will do the same. Together, we can build a better future for our advisors, their clients, our company, and you.
Commonwealth Financial Network, Member FINRA/SIPC, a Registered Investment Adviser, provides a suite of business solutions that empowers more than 2,000 independent financial advisors nationwide. Privately held since 1979, the firm has headquarters in Waltham, Massachusetts, and San Diego, California.
Turning our advisors into raving fans starts by doing the same for our employees. We foster an environment of excellence, growth, rewards, and fun in equal measure, which has earned us 43 Best Place to Work awards.
The Fine Print
We care about your online safety as a prospective employee and encourage you to exercise caution when responding to job postings online. Commonwealth will never ask potential hiring candidates to pay or transfer funds as a precondition of interviews or employment, nor will we authorize recruiters or agents to do so on our behalf.
Commonwealth is an equal opportunity employer, making intentional efforts to source talent from all backgrounds.