Cloud Security Engineer
Roanoke, VA (Preferred location - may also consider Raleigh, NC and Richmond, VA)
SMART IT People has a full-time Cloud Security Engineer opportunity in Roanoke, VA (Preferred location - may also consider Raleigh, NC or Richmond, VA). This is a tactical position requiring deep broad knowledge in Cloud (preferably AWS), on premise, security environments.
The successful candidate will be a subject matter expert with hands-on experience in a wide range of cloud technologies, tools and methodologies. The role is suited for an experienced Cloud Engineer with proven understanding in enterprise security and will focus on building tool sets and processes to support the Information Security Program (ISP).
Skills and experience:
Bachelor’s degree in Computer Science, Cybersecurity or equivalent experience and knowledge in a related field of study
7+ years of experience in Information Security
5+ years of experience working to develop and secure Cloud
Broad knowledge of information security tools, concepts, and techniques.
Solid technical security foundation with the ability to learn new security skills and concepts quickly.
Solid analytical skills to identify problem areas and opportunities for remediation.
Excellent verbal/written communication skills and excellent interpersonal skills.
Confidence and ability to project an authoritative presence.
Hands-on development and scripting skills, Python preferred.
Hands-on technical experience designing and/or deploying cloud security and hybrid solutions using Amazon Web Services (preferred), Microsoft Azure, and Google Cloud platforms.
Strong knowledge and experience in a variety of technologies including: Unix, Networking, Databases, and Storage.
Strong knowledge of Information security controls.
Knowledge of software development security and cryptography.
Possess a passion for Information Security and Technology.
Work well as part of a team of technical specialists.
Able to prioritize in a fast moving, high pressure, constantly changing environment; high sense of urgency
Ability to communicate and collaborate across teams.
AWS certifications strongly desired
Certification in one or more relevant platform systems (e.g. Cisco, Microsoft, VMWare, Linux, Unix, web development, storage technologies)
ISC2CISSP or SANS GISP desired
One or more SANS GIAC certifications preferred
Contribute to the vision, strategy, and drive execution for integrated security controls across Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), Infrastructure-as-a-Service (IaaS) and for Millennium’s Google Cloud Platform (GCP) and Amazon Web Services (AWS) efforts.
Able to demonstrate clear understanding of current risks and threats to Cloud infrastructure and/or IT infrastructures at technical and managerial levels.
Drive Identity and Access Management (IAM), configuration management, and monitoring strategy for GCP and AWS.
Provide security consultancy and engineering support for cloud security solutions including analysis and development of Amazon, Google, Azure, and other security solutions.
Provide architecture assurance on Cloud security initiatives and compliance of existing security standards interfacing with infrastructure and development teams.
Maintain the security infrastructure tools that are built on the Cloud platform, providing stability and policies and procedures.
Support the development and delivery of a comprehensive ISP for the entire organization.
Actively monitor new and emerging cloud security technologies, trends, issues, and solutions and assess their applicability to our client's cloud strategy.
Participate in Information Security Incident Response activities for on premise and cloud environments.
Perform periodic and on-demand system audits and vulnerability assessments of systems, internal applications and Cloud services to identify security vulnerabilities.
Monitor compliance with the organization's information security policies and procedures among employees, contractors and third parties.
Manage remediation efforts for any gaps reported in audits or recommended process improvements.
Collaborate with IT management, Legal, Human Resources and Compliance departments to manage security vulnerabilities and investigations.
Provide support to Security and other technical operations staff to ensure smooth turnover from Engineering to Production - and provide mentoring to junior level security professionals.
Liaison with key stakeholders to create and enforce policy including Information Technology and various business units including Legal, Internal Audit, and Compliance.
Leads the effort to ensure security compliance in accordance with regulatory security standards required by appropriate governing bodies.
Develop and maintain documentation of all Security products including specific tools, technologies and processes.
To apply, please email resume in MS Word format to: firstname.lastname@example.org with job title in subject line.