Back to Search Results

Cloud Security Engineer 14974 Malvern, PA 9/2/2021 5:39:00 PM

Contractor - W2

Job Description

• Identifies, designs, and deploys solutions to secure cloud usage
• Conducts audits, assessments, and penetration tests to identify cloud-related risks and vulnerabilities and coordinate remediation activities
• Collaborates with stakeholders on integration of cloud security architecture into overall enterprise architecture
• Collaborates with stakeholders on integration of cloud security architecture into overall enterprise architecture
• Ensure compliance with security policies, standards, and procedures
• Tracks and reports on the effectiveness of cloud information security technology, controls, processes and policies
• Coach other teams about cloud security-relevant technologies, processes, and tools
• Provides threat modeling and risk assessment to identify the risk and severity posture of various systems in cloud environments
• Assists with the investigation of security incidents, recommend and implement solutions to remediate or mitigate them
• Coordinates with stakeholders and third parties in the security monitoring of cloud environments
• Maintains current knowledge of relevant security, privacy, and cloud technology trends

Job Requirements

• 4-6 years of hands-on experience in a cloud administration, architect, or security role
• 2-3 years of hands-on experience conducting and mitigating security/risk assessments, or otherwise securing cloud environments
• Experience implementing and enforcing policies, procedures, and guidelines
• Bachelor’s degree in Business, Cyber Security, Computer Science, Information Technology or related field preferred or equivalent education/experience
• Relevant Cloud Security related certifications; Azure Security Engineer, Certificate of Cloud Security Knowledge (CCSK), or Certified Cloud Security Professional (CCSP)
• Experience developing hardened security configurations for systems
• Strong understanding of operating systems, network protocols, and application development
• Understanding of cloud security concepts, technologies, and best practices, including but not limited to automated code deployment, container security, orchestration tools, Active Directory, IDS/IPS, network and application firewalls, and cloud forensics/log auditing
• Knowledge of industry security control frameworks; CIS Critical Security Controls, NIST 800, CSA Cloud Control Framework, OWASP
• Experience with data protection and privacy practices to maintaining regulatory and legal compliance
• General security, incident response and management
• Experience creating comprehensive and accurate reports that are used to communicate the risk profile impact to peers and management
• Knowledge of common enterprise applications, e-mail, web, cloud, client/server applications
• Experience evaluating cyber security solutions.
Additional Preferred Qualifications::-
• Experience evaluating cyber security solutions.