As a trusted partner to our client, Corus360 is looking for a Cloud and Infrastructure Security Engineer for a full time role in Atlanta, GA. Our client is a fast paced, exciting organization in the SaaS space. As part of the technical team and reporting to the Director of Security, this role will be responsible for the design and implementation of security for AWS Cloud Security, the IaaS, PaaS and SaaS elements within it, and any associated automation tooling. This individual will need to reference industry standard cloud security design patterns and apply them to existing DevOps processes in a fast-paced environment. This position will leverage the candidate’s cloud understructure / infrastructure and development expertise in the areas of CI/CD pipeline security, API integration, and automation. Knowledge of more traditional security aspects like network security and operating systems will also be called upon.
- Participate with development team to aide application security best practices within cloud environments.
- Assess existing cloud implementations, identifying security issues and prioritizing fixes.
- Help coordinate with the various teams to ensure patching is deployed appropriately.
- Help develop and refine DevOps/SecOps processes in relation to cloud deployments.
- Engage and empower technology organization personnel and other business units to understand and apply information security concepts to mitigate corporate risk.
- Plan, coordinate and provide subject matter leadership on information security projects.
- Help the organization’s internal customers understand and apply information security concepts, processes, and technologies.
- Work with developers, stakeholders, and project managers to incorporate security principles into engineering design and deployments.
- Perform security assessments, working closely with Production Operations and Development Operations teams on identifying security and privacy issues in AWS and finding solutions to provide required functionality securely.
- Participate in engineering projects to identify threats and vulnerabilities in our infrastructure and system architectures.
- Work with defined cybersecurity requirements for and work with engineering teams to successfully deliver on new software and hardware products.
- Identify threats and suspicious activity across the infrastructure and products.
- Identify process gaps and build out enhancements to existing threat and incident response plans and procedures.
- Maintain security requirements for regulatory bodies such as FedRAMP, HIPAA, SOX, and ISO standards.
- Participate in the release cycle, ensuring that all code has been properly vetted prior to deployment.
- Working knowledge of build tools such as Jenkins, Bamboo, TFS/VSTS, Source Control, etc.).
- 24/7 Security Operations support rotation.
- B.S. degree in a technology discipline, cybersecurity or risk management or equivalent related experience and training required.
- Security certification such as CEH, CCSP, CISSP, SANS GIAC, or relevant related experience and training required.
- 3 to 5 years of network security, application security, endpoint security, system administration, identity and access management, data security, incident response or penetration testing.
- Strong written skills to produce vulnerability reports that are easy to understand for each defined audience. Reports must be technically accurate for the development and infrastructure team to ensure remediation requirements are understood.
- Working knowledge of the appropriate security standards and frameworks including ISO, AICPA SOC, NIST, FedRAMP and other standards as they are identified.
- Ability to build, manage and improve the security programs identified, specifically the threat and vulnerability management programs using the identified standards.
- Working Knowledge of security hardware, software and features as well as the processes to manage and maintain. This includes direct working experience with vulnerability management tools such as Nessus, Rapid 7, Qualys, Fortify, WhiteHat. This also includes technologies within the operating system platforms (e.g. Windows, Linux); networking platforms (e.g. WIFI, DNS, DHCP, LAN/WAN; Cloud Solution Providers (e.g. Amazon Web Services, Azure), security zones, DMZ, VPN); identity and access management (e.g. Active Director, LDAP, SAML, OAuth, SSO); two-factor authentication (e.g. RSA, PKI, Microsoft MFA); log management and monitoring and SEIM; et al.
- Skills including being analytical with attention to detail and long periods of focused attention and sitting, ability to prioritize, troubleshooting.
- Certified Cloud Security Professional
- AWS Certified Security – Specialty
- Strong IT system and application engineering background with experience in Windows, Active Directory Group Policy, SQL, networking, VMware vSphere, and auditing
- Strong adaptability and capacity to work in fast-paced environments
- ITIL 4 Foundation certification
- Some travel may be required