Cloud Security Engineer

BravoTECH, a leader in IT staffing and staff augmentation services, seeks a Cloud Security Engineer for our preferred Grapevine, TX based manufacturing client. The qualified candidate must have at least 7 of relevant business experience in Technology product security architecture and engineering experience, and understanding of security vulnerabilities and attacks and the ability to mitigate them. The Cloud Security Engineer will design, plan, implement and maintain platforms and operations to secure cloud-based technology and solutions. Develop, implement, and maintain security solutions in our client' s North American corporate and cloud environments, and ensure development, implementation of security best practices, and configuration of applications. Job Responsibilities

• The Cloud Security Engineer will be tasked with the following responsibilities/duties, all in accordance with applicable Federal, State and local laws / regulations as well as ratified company policies, procedures, and guidelines:
• Serve as an Information Security Subject Matter Expert (SME) by maintaining knowledge of industry-recognized security technologies and concepts.
• Provide security oversight and experience with a strong understanding of hybrid public/private cloud services, Infrastructure as Code, DevSecOps toolsets, and platforms including compute, storage, networking, containers, monitoring/logging, and Continuous Integration/Continuous Deployment (CI/CD).
• Work closely with various IT teams to provide guidance on security weaknesses in the Company' s North America environment and refine & enhance the security strategy for cloud architecture.
• Work with other teams to define and build the processes necessary to protect Company' s North America infrastructure from common threat vectors, OWASP vulnerabilities, and security & compliance misconfigurations.
• Actively engage and foster relationships with security champions on business and IT teams to understand their needs and evangelize a shift-left DevSecOps culture.
• Assist with planning and managing project efforts to define, implement, upgrade, enhance, and maintain security systems.
• Assist in designing, planning, and implementing security tools, controls, policies, and processes.
• Provide security consultation and guidance on new security products, features, and technology decisions.
• Research and investigate cyber threats and security incidents in the Company' s North America environment.
• Active participation in ensuring Company' s North America meets industry standard security & privacy compliance standards.
• Help develop cloud security technical roadmaps to drive constant cyber transformation and improvements in KNA' s defensive posture
• Work closely with enterprise architects to identify and mitigate risks, perform security reviews, design top tier security practices, and deliver strategic, innovative cloud-based security offerings
• Troubleshooting and resolving complex security issues in Microsoft Azure, applying fundamental systems security understanding, skills, expertise, and experience to support the planning, design, development, and implementation of complex systems
• Ensuring that relevant threat and vulnerability data is considered in support of security-relevant decisions.
• Providing input to analyses of alternatives and to requirements, engineering, and risk trade-off analyses to achieve a cost-effective security architectural design for protections that enable mission/business success.
• Assist with the design, implementation, and continuous improvement of the company' s North America Cloud Platform and security program by developing capabilities and providing experienced guidance pertaining to development of secure, cloud-based, multi-tenant application and data services.
• Partner with product and architecture teams to educate, evangelize, and validate secure development practices.
• Build knowledge across the team in how to better secure, monitor, and respond to cybersecurity threats and incidents across company' s North America environment.
• Collaborate with the cloud platform team to establish the strategic cloud security and capabilities for the entire lifecycle of application and data services.
• Work closely with architects and engineers to identify and mitigate risks, perform security reviews, design top tier security practices, and help ensure delivery of secure technology products.
• Support a " security first" advocacy and encourage platform solutions that enable technology product teams to " shift left" with vulnerability identification and resolution.
• Propose, design, plan and execute strategic and tactical operational security objectives.
• Analyze threats and current security controls to identify gaps in current defensive posture.
• Review security test results from vulnerability scans, penetration testing for true positives and propose appropriate remediation measures or mitigation controls.
• Advise on secure architecture/design, attack surface area reduction, least privileged design, threat mitigations, and security standard methodologies.
• Maintain current knowledge of security threats and vulnerabilities that could impact products and their technology stack components and help product teams identify solutions that meet security requirements.
• Evaluate and operationalize security tools by integrating with the development environment and commit/build pipelines.

• MS or BS degree in information security, computer science, or computer engineering
• Minimum 7 years of relevant business experience in Manufacturing and Finance.
• Understanding of security architecture to promote and develop new designs and security strategies across all types of infrastructure including cloud, on-prem & cloud-based applications.
• Very good understanding of cloud security principals.
• Good understanding of various cloud services such as Azure, AWS, ERP platforms etc.
• Good understanding of industry standard security tools.
• Technology product security architecture and engineering experience. Understanding of security vulnerabilities and attacks and the ability to mitigate them
• Familiarity of regulatory requirements (i.e., PCI, HIPAA, GLBA, SOX) and security frameworks (e.g., NIST 800-53, OWASP, CSA cloud control matrix, MITRE etc.)
• Familiarity with Threat Intelligence and Security Operations processes and procedures.
• Knowledge of application security concepts, static/dynamic security analysis, software composition analysis, secrets management, WAF, RASP and related tools.
• Experience with vulnerability management, endpoint security, data protection technologies, SIEM deployments, security analysis and anomaly detections.
• Ability to continuously learn new technologies
• Excellent verbal and written communications skills