SourceAbled is looking for a talented Cloud cybersecurity professional to help maintain the security of Cloud-based platforms for our client who is a leader in the insurance industry. The candidate will have a passion for the security discipline and a willingness to learn fast. This role will be a key member of the Cloud Security Team, responsible for defending the company and our customers from cybersecurity threats.
- Designing, implementing, and securing solutions for Infrastructure as a service (IaaS), Platform-as-a-service (PaaS), and Software as a service (SaaS) technology including AWS (Amazon Web Services), Azure, and GCP (Google Cloud Platform) resources.
- Automating enforcement of Cloud compliance policies.
- Developing policy and documentation for security best practices for technologies new to the company.
- Identifying, investigating, and responding to cyber threats, incidents, and anomalies.
- Identifying and prioritizing security vulnerabilities in our environment.
- Helping to drive remediation for security vulnerabilities.
- Making recommendations for necessary changes to our security controls to address emerging security threats.
- Designing, implementing, and securing solutions for end-to-end security in a CI/CD pipeline for containers including Docker, Artifactory, CloudBees Jenkins, and Kubernetes.
- Contribute to the team’s larger cybersecurity efforts.
- High school diploma or equivalent required.
- Experience in information security work.
- Substantive experience working with cloud-based platforms.
- Also willing to consider a candidate with substantive experience administering cloud-based platforms and a passion for the security discipline.
- Ability to apply a risk management lens to complicated technical issues.
- Make recommendations about how to reduce risk.
- Intellectual curiosity about cybersecurity issues.
- You read cyber and technical blogs and websites to stay current on industry trends and emerging risks.
- Understanding of a broad range of security technologies and how they work.
- Strong written and verbal communication skills.
- Ability to communicate technical topics to non-technical audiences.
- Problem solving skills.
- Focused, driven and can get challenging projects across the finish line.
- Flexibility. The duties of this role will likely evolve based on the interests and capacity of the individual hired.
- Bachelors Degree in Information Systems or related discipline preferred
- Experience in one or some of the following areas is preferred:
- AWS, Azure or GCP services and/or an understanding of how Cloud infrastructure works.
- Terraform or other Infrastructure as Code (IaC) tools.
- Software development.
- Functional knowledge of at least one scripting language (Python, PowerShell, etc.).
- PaaS platforms such as Salesforce or Heroku.
- Investigating cyber incidents.
- Threat intelligence and risk assessment.
- Container security platforms such as Aqua, Twistlock, Sysdig, etc.
- Secrets Management tools such as HashiCorp Vault, CyberArk, AWS Secrets Manager, etc.
- DevOps engineering (Kubernetes, Docker, Jenkins, etc.).
- This position operates in an open office working environment which will include normal and customary distractions, noise, and interruptions.
- Sit or stand for extended periods of time, up to a full work shift.
- Occasionally reaches overhead and below the knees, including bending, twisting, pulling, and stooping.
- Occasionally moves, lifts, carries, and places objects and supplies weighing 0-10 pounds without assistance.
- Listens to, interprets, and differentiates auditory information (e.g., others speaking) at normal speaking levels with or without correction.
- Visually verifies and reads information.
- Visually locates material, resources, and other objects.
- Ability to continuously operate a computer for extended periods of time, up to a full work shift.
- Physical dexterity sufficient to use hands, arms, and shoulders repetitively to operate keyboard and other office equipment up to a full work shift.