Sr Cloud Security Engineer

Location: Newport Beach, CA Description: Our client is currently seeking a Sr Cloud Security Engineer that will help us build the capabilities for the organization to leverage cloud services safely, securely, and efficiently at scale. This individual will be part of a team of world-class cloud engineers who will act as the Line 1 Security Owner for cloud. They will be taking lead on securing and hardening cloud environments through strong preventative and detective controls and ensuring continuous compliance. The individual will work with the Enterprise Information Security Office and business partners to determine risk areas and address them through remediation efforts and build mechanisms to track and report on cloud security risk, as well as leading and maturing a cloud security program. The successful candidate will have proven experience in achieving these goals in a large and highly distributed company. They should be a team player, great communicator, insatiable learner, and security focused.

• Architect and develop automation frameworks and security policies and best practices for public cloud platform.
• Participate in the selection, installation, configuration, and testing of tools and software; implementing policies and procedures
• Develop capabilities to automate quarantine and prepare for forensic analysis of resources suspected to be impacted by security incidents.
• Ensure continuous compliance through maturing the configuration management program and enforcement
• Implement event-driven automations on cloud-native tooling (e.g. Lambda, Step, etc.) to respond to security incidents.
• Develop cloud monitoring capabilities, dashboards, and associated KPI/KRIs.
• Integrate events and related lots with enterprise SIEM tools.
• Assess, harden, and develop secure infrastructure as code, Terraform modules, golden images, and other resources for consumption by application developers.
• Mentor others in the principles and best practices of cloud security and secure-by-design deployments
• Work within an agile methodology to prioritize and organize work efforts.
• Ensure security of all assets in the cloud by integrating security best practices for identity-based security, shared secrets, key rotation, and other security requirements. Work with corporate security team to enforce policies and deploy cloud security tools to protect and monitor access.
• Consult on enterprise cloud security strategy and participate in maturity mapping activities
• Develop a roadmap to move towards identity-based zero-trust model. Work with enterprise cloud architect(s) to integrate solutions that align to zero-trust and defense in depth models.

• 8+ years of experience in an applicable cloud, infrastructure, or software engineering role.
  • 2-4 years of hands-on experience in managing cloud security and/or hardening cloud platforms and resources.
  • Experience implementing and managing cloud security tooling such as AWS Security Hub, Microsoft CAS, AWS Inspect, GuardDuty, or similar applicable tools.
  • BS in computer Science and/or Engineering, or equivalent experience and certifications
  • Experience working as part of a Scrum or Agile team
  • Strong background in network, OS, and API security.
  • Adept in at least one programming language such as Python, Java, or Node.JS. Experience with bash and PowerShell as well as the command-line interface to at least one major cloud service, preferably AWS CLI.
  • Experience leveraging configuration management platforms such as Ansible, CloudGuard, or others.
  • Effective communicator with the ability to interact with a wide variety of stakeholders and with experience presenting to non-technical business audiences.
  • Preferred: Experience writing Terraform.
  • Preferred: AWS or Azure Security Certifications
  • Preferred: MS in Computer Science and/or Engineering.