What are the responsibilities and job description for the Senior Security Engineer (Wiz & GCP) position at ImagineX Consulting?
ImagineX is a Software Company whose goal is to help our clients transform their businesses by embracing emerging technologies such as Cloud, Cybersecurity, and Mobile. Through the use of our experimentation techniques and modern delivery methods, we assist our clients in driving higher quality solutions to market faster.
We're looking for a Senior Wiz Security Engineer with deep GCP Cloud Services experience to join our growing team. Our execution success is rooted in our unique model that is supported by our industry partners and specialists. The ImagineX culture thrives on entrepreneurship, risk taking, mutual trust, teamwork, encouraging change, and letting our consultants own their way of working.
This is a 100% remote position, no additional travel required, aggressive salary and bonus packages, and 401K matching.
Duties:
- Build the test rules in Wiz
- Review the preliminary scan results and work with Security Architecture and service owners to determine if rule refinement is needed
- Communicate the new rules for IT awareness
- Deploy the rules to the Wiz framework
- Extensive experience with Wiz for developing security policies, rules, and controls, including the ability to independently develop run-time Controls and Cloud Construction Rules, leveraging Graph Query for querying security configuration and Rego for authoring custom security policies
- Deep expertise in GCP, including non-host services such as databases, storage, networking, and application platforms.
- Ability to work closely with clients to ensure that all GCP services in scope are properly secured and meet compliance requirements.
- Proven experience with Terraform for infrastructure as code (IaC) deployments in cloud environments.
- Strong working knowledge of GitHub for version control, code migration, and collaboration in cloud environments.
- Solid understanding of cybersecurity principles including common threats and vulnerabilities.
- Ability to engage in ongoing scope refinement to determine and validate security requirements.
