What are the responsibilities and job description for the Security Engineer position at Cloud and Things?
Our goal is to solve problems and deliver results for our clients. At Cloud and Things, you can be a part of transforming the public sector’s IT environment. Our team is on the forefront of helping to solve the government's most complex IT challenges. If you are seeking a role that offers the opportunity to work on rewarding projects, consider a career with Cloud and Things.
Overview
We are seeking a Cyber Security Engineer to work with our client. The Security Engineer will be a hands-on security professional, responsible for ensuring security in the SDLC, implementation, and operational maintenance of the clients Information Security controls and countermeasures. The engineer will work closely with system integrators on best security practices and follow NIST/NYDFS framework to secure our client’s data when stored, processed, and exchanged through cloud platforms with other on-premise or third party systems. The Security Engineer will also review and assess the security design of technology upgrade projects and work with our client’s Information Security team to recommend security controls and address challenges in timely manner
Duties
Cloud and Things complies with all applicable federal, state, and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status, or any other category protected by applicable federal, state, or local laws.
Overview
We are seeking a Cyber Security Engineer to work with our client. The Security Engineer will be a hands-on security professional, responsible for ensuring security in the SDLC, implementation, and operational maintenance of the clients Information Security controls and countermeasures. The engineer will work closely with system integrators on best security practices and follow NIST/NYDFS framework to secure our client’s data when stored, processed, and exchanged through cloud platforms with other on-premise or third party systems. The Security Engineer will also review and assess the security design of technology upgrade projects and work with our client’s Information Security team to recommend security controls and address challenges in timely manner
Duties
- Provide oversight and assess security controls for IaaS, PaaS, and SaaS services while collaborating with system integrators and the client’s teams to deliver reliable and scalable security capabilities.
- Oversee and lead the implementation of all security solutions; develop technical and reference architectures throughout the project duration.
- Perform as a subject matter expert on cloud technologies, build and recommend security infrastructure from scratch, and raise security risks in a timely manner.
- Develop security requirements for complex internet-facing applications and associated infrastructure components.
- Assess and review end-to-end secure integrations, including web services and APIs.
- Work closely with the client’s security team and third-party system integrators on security engineering-related issues, resolving challenges without affecting project delivery timelines.
- Monitor information systems for security incidents and vulnerabilities; develop monitoring and visibility capabilities; and report on incidents, vulnerabilities, and trends.
- Analyze trends, news, advisories, and changes in threats, and conduct security assessments with risk mitigation plans.
- Review vulnerability management reports and follow up with technical stakeholders on remediation efforts.
- Respond to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; interact and coordinate with incident responders.
- Bachelors /Master’s degree from an accredited college/university or equivalent work experience.
- 7 years of experience with system design and security engineering with experience implementing a wide range of solutions both in cloud and on-prem.
- Knowledge of security engineering to ensure security solutions development aligns with the defined architecture strategies
- Professional certifications in security, preferably in any two; CCSP, CISSP, CISA, Azure Solutions Architect Certification, Microsoft Azure Architect Certification & Microsoft Azure Architect Technologies
- Strong understanding of secure design and reviews, identity and access management
- Good knowledge of Identity Access Management (IAM), SAML, Federation, Privilege Access Management (PAM), and MFA technologies.
- Expertise in Data Security (Cryptography and Encryption).
- Knowledge of advanced Auditing and Log Management tools.
- Experience with security vulnerabilities scanning tools.
- Understanding of Cloud Access Broker Services (CASB) and configuration best practices.
- Proficiency in using Data Loss Prevention (DLP) tools and applying best practices.
- Familiarity with user behavior monitoring.
- Strong data analysis skills for Network, Cloud, and Endpoint data.
- Experience with centralized management of next-generation firewalls and intrusion detection and prevention systems (IDS/IPS).
- Ability to optimize security tools and controls effectively.
Cloud and Things complies with all applicable federal, state, and local laws regarding recruitment and hiring. All qualified applicants are considered for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status, or any other category protected by applicable federal, state, or local laws.
