Cloud Security Engineer

Your Role:

Tenable is looking for a Cloud Security Engineer to join our Information Security team and help keep Tenable’s cloud services, applications, products and platforms secure.

The Cloud Security Engineer at Tenable is a hands-on role that requires security expertise within the cloud, automation and application security ecosystems. This is a position with high exposure to a lot of key security programs in a fast paced environment. You will be learning quickly and often as no two days will be the same. You will be responsible for security related tasks, including the operations of our cloud security and application security programs which maintain both a mentality of "shifting left" and monitoring runtime production. Your responsibilities will also include performing analysis on security alerts from various sources, following up on risk exposure, making practical recommendations to reduce risks, and then help realize the change. Your daily tasks will have you interacting closely with personnel from other functions in Information Security, Engineering, Product, Research, and Product Management.

Your Opportunity:

• Assess, design, implement, automate, and document security solutions and processes for Amazon Web Service (AWS), MS Azure, GCP, SaaS applications and other cloud platforms
• Drive exposure management and remediation efforts – prioritizing issues, implementing mitigations, and designing strategic preventative controls 
• Work with end users on secure best practices in Infrastructure as Code, cloud design patterns and CI/CD with built in application security controls
• Analyze and investigate events from Cybersecurity appliances or reported incidents
• Document or update standard operating procedures matching day-to-day InfoSec operations
• Establish and maintain strong working relationship with all team members and all business units
• Assist engineering group in evaluating and deploying new solutions
• Perform day-to-day analysis of logs to detect anomalies or events that could lead to incidents
• Audit Tenable’s infrastructure and automate tasks to improve efficiency
• Promote security awareness throughout the organization
• Perform other duties as assigned
• Implement “security as code” using cloud services and CI/CD components as necessary
• Customize security compliance tools to meet operational, audit and risk based needs
• Monitor system security events, SIEM tools, and network traffic for unusual or suspicious activity
• Develop procedures to automate security tasks during code builds and deployments

What You’ll Need:

• Bachelor's Degree or equivalent working experience
• 2 years experience with Amazon Web Services (AWS) or MS Azure
• Understanding of Cloud Computing technologies and automation (HashiCorp, Terraform, Ansible, Cloudformation, etc.)
• 2 years experience with at least 1 of the following: (Python, Bash, Ruby, AWS CLI, REST APIs)
• Ability to break down complex problems and implement custom solutions or scripts beyond just basics to demonstrate thoroughness of problem solving and automated security
• Understanding of DevOps environments working with and influencing developers to maintain security through CI/CD processes.
• Basic knowledge of technology and security topics including network and application security, infrastructure hardening, security baselines, web server, and database security
• Ability to clearly and effectively communicate concerns, issues, information security concepts to other teams
• Experience with CNAPP, CSPM, or CIEM solutions

And Ideally (but not required):

• An understanding (or even hands on experience) of application security concepts such as SAST, DAST, SCA, WAFs, container security, threat modeling and runtime security testing
• Experience with manual penetration and product security testing
• Ability to build out Application Security Posture Management capabilities to let owners, developers and executives all realize our portfolio’s posture
• Proficient and up to date with AWS security services and pros/cons to implementing each
• Hands-on experience in MS Azure, Google Compute Cloud and 3rd party related cloud security tools
• Any recognized security and cloud specific certifications, e.g., CCSP, SSCP, CISSP, AWS, Azure Certification, Google Cloud Certification
• Ability to interface with developer and engineering community articulating security concepts, resolutions, risk and alternatives

#LI-SR1

#LI-Hybrid