What are the responsibilities and job description for the Senior Cloud Security Engineer position at World Wide Technology?
Role : Senior Cloud Security Engineer
Location : Hybrid – 3 days in office, 2 days remote
Contract Length : 3-month CFH
Responsibilities
High level brief skill requirements.
Cloud Security Skills
Cloud Security Risk Analysis
Detection and Response Processes
Cloud Security Posture Management Tools and Processes (CSPM) (Renamed)
Strong AWS IAM Management
Cloud Identity Entitlement Management Tools and Processes (CIEM) (New)
Cloud Penetration Testing
IaC Scanning
Vulnerability Management and Mitigation
AWS Cloud Trail and Splunk Queries
Zero Trust Principals
Cloud Disaster Recovery and Business Continuity (New)
AWS Identity Center (New) Familiar with the AWS Serverless stack to assist with troubleshooting
Lambda, API Gateway, Cloudfront, S3, Route 53 IaC Best Practices for standardized cloud infrastructure solutions
Terraform HCL and managing solutions across 150 accounts
Python for scripting solutions and basic platform solutions using Lambda and containers
Github and GitLab for IaC management and deployment pipeline creation
AWS Organizations
AWS Control Tower
AWS Account Factory (New) Solutioning especially around AWS Network Services
AWS Solutions Architect Associate (Preferred)
Transit Gateway
VPC Peering
Security Groups
Good understanding of basic networking Soft Skills
Strong Communication both written and verbal
Ability to drive and manage their own projects
Ability to lead project and organize work and drive to conclusions
Azure Experience as a Bonus
College Degree not required but desirable
A strong candidate would be expected to contribute to the vision of the FHR Cloud Infrastructure and Security team.
Enable FHR to utilize cloud technologies in which they are easily consumable, cost efficient, reliable, and secure so that FHR's cloud adoption provides FHR an advantage for enabling digital transformation. "
The Cloud Infrastructure and Security Team is responsible for :
Cloud Security Operations
Security Vulnerability Discovery and Remediation - Responsible for using CSPM, CIEM, security tools, security reviews, and any other means to find areas of cloud security risk for FHR. Create monitoring and alerting processes and set expectations with customers on how to remediate the cloud misconfigurations which put our applications at risk and other security vulnerabilities within a standard SLA. Responsible to analyze the situation to understand the real risk and communicate that with the stakeholders on what risk is recommended to accept and which risk should drive action. Prioritizes vulnerabilities so that higher risk findings are addressed first. Works with software engineers and product teams to ensure good software development practices are being used to deploy secure solutions. Responsible for recurring reporting of cloud security risks to IT directors.
Workload Protection Services via Web Application Firewall Management - Responsible for the creation and deployment of standard WAF rules across our workloads. Monitoring traffic for effectiveness of security protection and to catch any potential false positives. Responsible for other protections for internet-facing workloads. Responsible for creating custom rules to ensure protection of workloads without creating disruption. Logging of requests to assist with troubleshooting and reporting. Escalation of security incidents with the security operations center.
Remote Access Solutions - Design and implement remote access solutions for administration of cloud-based workloads. Automation and implementation of Zscaler ZPA or AWS Client VPN services. Work in coordination with our Cloud Operations team to fulfill these requests.
Cloud Infrastructure Operations
Cloud Infrastructure - Responsible for troubleshooting any cloud infrastructure issues with software engineers. Including connectivity issues, capacity, and performance issues. Responsible for ensuring ownership of the cloud infrastructure is defined well and all resources are owned.
IAM Management Services - Creates and tests standard roles and policies for the company to use using least privilege principals. Monitors for overprivileged roles and works with customers to remediate the risk. Assists software engineers with IAM role and policy creation to ensure least privilege. Manages the roles and policies via Terraform deployed through a Gitlab pipeline to ensure standards are deployed consistently and enforced. Creates and tests new AWS service control policies. Deploys all changes using standard change control processes to reduce the risk of unplanned events.
EC2 Management - Responsible for server creation automation which is used by the server management team. Escalation point for the server management team regarding cloud-specific EC2 and EBS issues. Knows the hybrid cloud networking design and assists with design changes and troubleshooting. Ensures that EC2s in our hybrid cloud environment are positioned for long-term success which enables the server team to manage them.
Cloud Service Management - Responsible to review cloud services for security risks and supportability concerns. Will collaborate with customers to understand their needs and determine if a new service should be used or if existing reference architectures should be used. Will enable new cloud services by implementing new standards and reference architectures for the solution which ensures consistency and supportability.
Application Cloud Infrastructure - Coordinates with software engineers and software architects to design and create solutions for applications in the cloud. To creating and maintaining standard solutions which can be deployed by software engineers. Assists software engineers and software architects with experimentation on new services.
Cloud Financial Operations
Operate our finops program that enables our software engineers and product teams to be cost efficient with our cloud spend. Discover cloud cost trends and anomalies and collaborate with product teams and software engineers to take corrective action. Create automation for remediation when necessary. Perform analysis on costs to understand if application design changes may be required or just small configuration changes are required to ultimately keep our workloads cost efficient. Provide rightsizing information for the cloud services with the most significant spend. e.g. compute and storage. Provide recurring executive level reports to ensure IT directors are seeing trends and how their teams are impacting the overall cloud cost spend.
Equal Opportunity Employer Minorities / Women / Veterans / Disabled
Keep a pulse on the job market with advanced job matching technology.
If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution.
Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right.
Surveys & Data Sets
What is the career path for a Senior Cloud Security Engineer?
Sign up to receive alerts about other jobs on the Senior Cloud Security Engineer career path by checking the boxes next to the positions that interest you.
