Cloud Security Engineer

Forrest T. Jones & Company, Inc., and its affiliates (“FTJ”), provide insurance and insurance related services to clients, corporations, employers and individuals. These services include providing benefits through innovative life and health insurance plans, financial services, and customized insurance products for niche markets.

Position Summary

The Cloud Security Engineer plays a key role in designing, deploying, and maintaining a secure cloud application infrastructure that meets the business needs. Responsibilities include providing security guidance to the company, supporting innovation, and ensuring that the cloud computing infrastructure is secure. Position requires advanced skills in troubleshooting and administration, as well as knowledge of architecture, engineering, and design principles.

The Cloud Security Engineer works closely with security leadership to assess the threat landscape and adapt quickly to protect the business from risk. Position requires individual with at least 3-5 years of experience in security and systems administration across various cloud infrastructure, including SaaS, IaaS, and PaaS. Individual must possess the necessary technical expertise to deliver applications at scale and with resiliency to support business initiatives. Along with strong analytical and critical thinking skills, individual needs to be highly adaptable and able to meet change requests at a moment's notice. As the role involves interfacing with other business units, excellent communication and listening skills are essential. Overall, the goal is to maintain the level of rigor required to adhere to business direction while planning and designing policies and maintenance.

Essential Functions

Security Compliance

• Implement and manage Security Compliance processes and strategies in alignment with Microsoft's and Azure's best practices.
• Review and analyze existing system controls for regulatory compliance and security policy adherence.
• Collaborate with teams to ensure compliance with ISO 27001, GDPR, SOC 2 and other relevant security compliance frameworks.
• Support audit processes through documentation and remediation of non-compliant findings.
• Protective and Detective Controls:
• Deploy protective and detective measures by designing and implementing security controls.
• Work closely with the IT team to deploy and monitor Microsoft and Azure security solutions.
• Regularly monitor system logs, SIEM tools and network traffic for unusual or suspicious activity and interpret such activity and make recommendations for resolution.
• Data Loss Prevention (DLP):
• Implement, manage, and fine-tune DLP policies, procedures, and tools to ensure data security.
• Regularly monitor and review DLP alerts and reports for policy violations and suspicious activities.
• Collaborate with the data governance team to maintain data classifications and categorization and apply DLP policies accordingly.
  
  

Cloud Security

• Perform security design reviews to assess security implications for the introduction of new or differing technologies within the Azure environment.
• Regularly monitor Azure cloud environment for security breaches and investigate violations when they occur.
• Develop secure cloud architectures and solutions to assist businesses in migrating to the Azure cloud.
• Develop and implement policies, procedures, and associated training plans for cloud security administration and usage.
• Supervisory Responsibilities: This position has no formal supervisory responsibilities.
  
  

Minimum Required Qualifications

• Minimum four years’ experience in cybersecurity as a practitioner and at least 2-3 years exposure with Microsoft, AWS, OCI.
• Certificates and Licenses: One or more including Microsoft Azure Security Engineer Associate- Specialty, and CompTIA Security .
  
  

Other Required Qualifications

• Strong Linux and Windows support skills.
• Experienced in cloud networking architecture and cloud operations.
• Familiarity with tools such as Git, Jenkins, CloudFormation.
• Network and encryption experience, including virtual private networks (VPNs), IPsec, SSL/TLS, LDAP and public key infrastructure (PKI).
• Experience with scripting languages such as Python, Ruby, PowerShell and JavaScript.
• Familiarity with key security concepts/frameworks such as OWASP, CVE, and CVSS.
• Experience integrating with native Microsoft services.
• Experience and understanding of various regulatory requirements and laws, including but not limited to: Payment Card Industry (PCI), Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA). Additionally, experience in one or more of the following: ISO 27001/2, ITIL or NIST.
• Up-to-date understanding of a wide range of incident response, system configuration, vulnerability management and hardening guidelines.
• Team leadership experience to help with the organizational and team dynamics in a growing field.
• Ability to clear required background check.
  
  

We offer comprehensive benefits to full-time employees including company-paid medical, STD, LTD and life insurance; plus voluntary dental, vision, Life/AD&D insurance, 401(k) with company matching, generous paid time off and much more.

We encourage applicants of all ages and experience, as we do not discriminate on the basis of an applicant’s age.

ALL OFFERS OF EMPLOYMENT ARE CONTINGENT UPON PASSAGE OF A DRUG SCREEN AND BACKGROUND CHECK.