Cloud Security Engineer (Remote)

Role Summary

As a member of the Information Security Risk Management architecture team, the Cloud Security Engineer plays a crucial role in shaping and guiding the organization's security strategy, architecture, and practices, with a focus on cloud computing technology. The Cloud Security Engineer will collaborate with security architects and cloud engineers to design, execute, and govern a comprehensive cloud environment. This role can be virtual anywhere in the U.S.

Responsibilities

• Serve as a cloud security technical expert to develop and execute cloud security policies and procedures
• Collaborate with cloud technology teams across the enterprise to ensure the integrity and security of our digital assets in AWS/Azure IaaS environments
• Demonstrate high proficiency across a wide range of cloud security technologies to establish guardrails to prevent or automatically remediate common security misconfigurations
• Provide technical leadership, mentor, and consult with less experienced cloud engineers to implement necessary security controls and threat protection
• Act as a Cloud security subject matter expert by continually reviewing environments for opportunities to reduce risk when possible
• Build automation to monitor cloud resources for compliance with existing standards and alert for configuration drift
• Consult with cloud engineers to successfully implement design requirements from cloud security architects
• Provide governance and consulting to ensure established controls remain effective
• Contribute to advancement of own function by studying start-of-the-art tools, techniques, and computing equipment; participate in educational opportunities and professional organizations.
• Highly autonomous and productive in performing activities, requiring only minimal direction from or interaction with supervisor
• Excellent communication and influencing skills with the ability to balance differing stakeholder interests through sound analysis and persuasion
• Understand and adhere to corporate standards regarding applicable Corporate and Divisional Policies, including code of conduct, safety, GxP compliance, data security, and the software development cycle

Qualifications

• Bachelor’s Degree with 6 years’ experience; Master’s degree with 5 years’ experience; PhD with 0 years’ experience in information security and/or related functions (IT Audit, Risk Management, or Security Architecture)
• Strong knowledge of scripting languages, including Python, Bash, and/or PowerShell
• Experience developing AWS Service and Resource Control Policies (SCP and RCP) to effectively manage permissions across the enterprise
• Expertise in AWS services including EC2, S3, RDS, Lambda, CloudFormation, VPC, and IAM.
• Experience with Infrastructure as Code (IaC) tools including CloudFormation, Terraform, or Ansible.
• Knowledge of DevOps practices and tools, including CI/CD pipelines, automation tools, and Docker/Kubernetes for containerization
• Excellent written and oral communication skills
• Strong problem-solving and analytical skills with the ability to identify security risks and propose effective solutions
• Preferred: Professional cybersecurity and relevant industry certifications (CISSP, AWS Solution Architect, AWS Security, CSA CCSK, SANS GCLD, etc.) are highly desirable