|Published||August 4, 2022|
|Location||New York, NY|
Our client, a banking company, is seeking a Cloud Security Engineer
Position Type: Full Time
Looking for a candidate to join the Cloud Security Team within Technology and Operations Risk. The candidate should have excellent analytical, engineering and communication skills. A growth mindset is a must as you will be a member of a new team that is being formed to assess and monitor the assets hosted in the public cloud and work with the Site Reliability Engineering (SRE) teams to quickly remediate risks that are discovered.
You will work with partners application development, cloud infrastructure and cybersecurity engineering to establish automation, including defining priorities, coordinating with peer teams, and leading continuous improvement efforts of our security tools and systems. You will be working a portfolio of tools designed to provide internal teams with leading security and platform capabilities and solutions that identify and monitor security risks at a large scale, detect vulnerabilities, and increase the efficiency of response teams. You will also be responsible for solving security related problems by building the right solution.
The candidate should have a strong understanding of the global cloud landscape, how solutions running in the public cloud are maintained and monitored including how security and support actions can be automated for rapid response. In addition, a strong understanding of cybersecurity and information security with experience in at least one core functional area (e.g. Vulnerability Management, Incident Response, Security Engineering, Penetration Testing, Application Security, Red Teaming, etc.) is a plus.
- Good Knowledge of AWS, Azure or CGP
- 7+ years of experience in software development or Infrastructure as Code
- Bachelor's degree in Computer Science, Engineering or Math is preferred
- 4+ years of professional experience in Cloud Architecture and/or Engineering
- Expert knowledge of SDLC
- Expert in building and deploying a CI/CD pipeline
- Experience in DevOps/DevSecOps/GitOps
- Technical knowledge on Automation, configuration and provisioning infrastructure-as-code using Terraform, ARM, or CloudFormation
- Experience on container and orchestration such as Kubernetes, swarm, EKS, AKS, Docker, OpenShift
- Understanding of current risks and threats to use public cloud
- Working knowledge of building and running container-based applications (Dockerfile, Docker Cli, logs).
- Knowledge of testing, static code analysis and integration
- Knowledge of policy as code such as OPA or checkov
- Handle multiple CI/CD pipelines and how to integrate and operate security tools within the pipeline. (Jenkins, AZDO or Github)
- Comfortable using an IDE
- Vulnerability scanners (Qualys, AWS Inspector, Azure Security Center) and container scanning tools (Twistlock, Aqua).
- Familiarity with drift management
- Familiarity with agile/kanban/scrum
- Certified Kubernetes Administrator or Certified Kubernetes Security Specialist