Vacancy expired!
Job Description YOUR LIFE'S MISSION: POSSIBLE You have goals, dreams, hobbies and things you're passionate about.
What's Important to You Is Important to UsWe're looking for people who not only want to do meaningful, challenging work, keep their skills sharp and move ahead, but who also take time for the things that matter to them-friends, family and passions. And we're looking for team members who are passionate about our mission-making a difference in military members' and their families' lives. Together, we can make it happen.Don't take our word for it. - FORTUNE 100 Best Companies to Work For®
- Computerworld® Best Places to Work in IT
- FORTUNE® Best Workplaces for Millennials
- Forbes® America's Best Employers
IND123 Basic Purpose Join a team delivering on a mission to elevate Navy Federal's cloud resilience and DevSecOps strategy. A member of Information Security's Secure Innovation & Resiliency (SIR) team, this individual supports cloud security blue team functions by designing, implementing, and operationalizing capabilities for securing cloud infrastructure and workloads The successful team member will support the implementation of continuous security monitoring practices along with threat and vulnerability prevention, detection, and response capabilities on cloud assets under the direction of a team leader. Experience with modern software delivery infrastructure, agile, and/or cloud technology is preferred.Responsibilities:• Supports the implementation of runtime defenses to prevent cloud security technical risks and harden infrastructure as code, CI/CD pipeline hardening, container security, and infrastructure security.• Discerns security requirements for proactive defenses and runtime monitoring based on IaaS/PaaS/SaaS cloud deployment and environment integration use cases.• Understands cloud security architecture best practices such as identify and access management, secrets management, data classification, data protection and encryption, network security, infrastructure hardening, and logging and alerting. • Assists with translating cloud security policies and standards into machine-readable, automated guardrails using cloud-native, open source, custom scripting, and commercial security tools. Assists with designing and implementing continuous monitoring practices to verify security properties at runtime with continuous feedback to teams responsible for triage, detect tracking, and remediation workflows.• Participates in preventative feedback loops with development teams and continuous improvement processes for preventing runtime vulnerabilities. • Assists with building automation for continuous cloud asset discovery and configuration management. • Assists with implementing cloud security posture management (CSPM) and workload protection capabilities (CWPP).• Conducts human-led processes for privileged access reviews, permission reviews to enforce least privilege, account de-provisioning, and credential management best practices. • Assists with developing and implementing monitoring and contextual incident response alerting patterns targeting cloud infrastructure and runtime assets for the security operations center, including integration with SEIM/SOAR technologies.• Implements automation to support weekly reporting metrics to reflect overall cloud compliance and cloud security health to senior leadership.• Consult and coordinate with BISOs, project managers, business application developers and ISD technical staff on projects to ensure cloud security compliance; coach teams on remediation practices as appropriate; provide consultation for new technology implementations.• Collaborates with Scrum Master in managing backlog as part of a high performing agile team.• Serves as a consultant for strategic and business unit cloud security issues and problems. Evaluates problem, identifies the root causes, coordinates resources, determines temporary measures and/or permanent solutions and recommends and/or implements measures to restore full services. Escalates and works with Senior or Lead levels to resolve more complex situations. • Performs other related duties as assignedQualifications and Education Requirements:• Degree in related area or combination of military and/or job experience and certifications• Minimum of 7 years of experience that demonstrates knowledge and skill of information security technology• Experience that demonstrates knowledge of cloud security analysis and design techniques• Experience that demonstrates knowledge of cloud security practices and procedures, including risk assessment, authentication technologies, security monitoring, runtime defenses, and security attack patterns and practices• Experience with one or more cloud platforms (Azure, Amazon, Google Cloud Platform)• Experience with agile project planning and resource management• Knowledge of NIST CSF, Cloud Controls Matrix, SANS20, PCI DSS, and other Information Security requirements and frameworks• Effective planning and organizational skills• Effective research, analytical and problem solving skills• Effective verbal, written and interpersonal communication skills, including skill in negotiating and persuading others• Ability to present findings and conclusions clearly and concisely• Knowledge of NCUA and FFIEC regulations, GLBA, PCI, and other information security requirements and frameworksDesired Qualifications and Education Requirements:• Bachelor Degree in business, information systems or related field• Experience with Azure native security services (Security Center, Defender, Sentinel, Policy, Monitor, Resource Manager, etc.)• Familiarity with Azure Resource Graph and scripting languages• Experience with Azure DevOps, Kubernetes, Splunk, and Tanzu/Pivotal Cloud Foundry technologies• Experience operating cloud security tools such as Check Point (Dome9), Aqua, and Prisma Cloud• CISSP, CISA CCSP or other Information Security certifications• Microsoft Azure AZ-500 certification (or equivalent for another cloud platform)• Knowledge of Navy Federal operations• Strong knowledge of the financial services industryHours: Monday - Friday, 8:00am - 4:30pmLocation: 820 Follin Lane, Vienna, VA 22180 or RemoteExternal salary range: $80,800 - $139,400Due to COVID-19 and social distancing, this position will be temporarily working from home with plans to return to campus at the desired location listed once Navy Federal is back to normal operations. The specific logistics for returning to campus will be determined at a future date by individual leadershipEqual Employment Opportunity Navy Federal values, celebrates, and enacts diversity in the workplace. Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans. EOE/AA/M/F/Veteran/DisabilityDisclaimerNavy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position.Bank Secrecy ActRemains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.Employee ReferralsThis position is eligible for the TalentQuest employee referral program. Please indicate the employee who referred you when applying. Vacancy expired!
