Responsibilities:
- Monitor cloud networks and systems for security issues.
- Investigate security breaches and other cybersecurity incidents.
- Document security breaches and assess the damage they cause.
- Work with the Cloud Operations team to perform tests and uncover vulnerabilities.
- Drive the program for documenting and remediating detected vulnerabilities.
- Perform penetration, vulnerability and web application scanning and testing.
- Drive Engineering teams to increase application security.
- Evaluate and deploy Information Security monitoring and research tools.
- Participate in security audits including PCI, SOC2 II and others.
- Drive technical execution of corporate security compliance policy.
- Work with other teams to achieve and maintain high security standards.
- Develop best practices for customer-facing Information Security.
- Evaluate cloud infrastructure from an availability, resilience, and security perspective.
Requirements (10+ years in similar positions):
- Bachelor's degree in computer science or related field or equivalent experience.
- Experience in information security or related field.
- Experience with cloud network penetration testing and techniques.
- Deep understanding of security components including:
- Cloud Network and web application firewalls including ACLs, and secure configurations.
- Cloud Network and Linux systems hardening and security tools.
- Secure application coding, testing tools and lifecycle.
- Proxies, SIEM logging/monitoring and IDS/IPS.
- Configuration management using Salt and Terraform.
- SSL/TLS and other encryption standards for data encryption at rest and in transit.
- Zero Trust Architecture development.
- PII data handling and classification implementations.
- Implementing access controls and policies.
- Implementation of security risk assessment reporting.
- Data Loss and Exfiltration prevention tools and implementations.
- Endpoint Detection and Response tools and management.
- Information/Cyber security certifications are a plus.