Cloud Security Engineer

Job Type

Full Time Position

General Description

Applies skills as an experienced professional to ensure the security of cloud-based platforms. Assists the cloud security by engineering secure cloud technical solutions and ensuring all the cloud security controls and requirements are implemented and part of the cloud solution. Creates processes to support high quality security-operations, with real-time monitoring of security and compliance in cloud-based environments with a global user community. Responsible for definition of strategy, engineering deliverables and execution of technical security controls for both on premise and cloud Active Directory environments.  Recommends methods and techniques to achieve optimal results and helps establish a culture of security across the organization. Supports the achievement of compliance and regulatory goals that are based on the high level of security built into our products. The incumbent will need to be highly knowledgeable of the concepts of security, compliance, and risk assessment as well as have the technical ability to converse with software engineers about their plans and security concerns.

Essential Duties and Responsibilities

• Identify and provide security technical requirements analysis of cloud architectures and designs.
• Identify technical gaps, provide solution recommendations for cloud service acquisitions, development, migration, implementation, and performance, and participate in the activities.
• Responsible for implementation and validation of cloud security policies, standards, and best practices
• Responsible for development of cloud technical strategy, establishing governance, facilitating adoption and execution.
• Research emerging cloud security technical solutions to assess the relevance and potential value to the organization and presents information to senior management and peers.
• Assist in the development of the cloud security roadmap.
• Embeds cloud security capabilities into organizational-level business requirements and initiatives. 
• Participates in the Center of Excellence Council and ensures cloud security requirements are implemented to all cloud solutions and initiatives.

Essential Duties and Responsibilities (cont.)

• Ability to explain and document cloud security controls, requirements, and guidance to management.
• Conduct cloud security testing to identify weaknesses, technical flaws, and vulnerabilities.
• Ensure Cloud components meet regulatory compliance requirements.
• Provide recommendations for Active Directory migration patterns to cloud environments for identity and roles adoption strategies.
• Solution and design security accreditation and validation strategy for current and future state Active Directory engagements.
• Assess objects, schemas, and dependencies to define proper enhancements and maturity roadmaps for the enterprise Active Directory environment.
• Establish the operational model for ongoing monitoring and enhancement of Active Directory environments and dependencies
• Perform security evaluations and continuous monitoring processes.

Essential Duties and Responsibilities (cont.)

• Participate in incident identification and response activities.
• Assess SecOps factors and facilitate remediation of identified vulnerabilities for security across the enterprise.
• Aligns security deliverables with legal, regulatory, and contractual requirements that conform with security framework and standards such as NIST SP 800-53 rev 4, ISO/IEC 27000 series, OWASP Top 10, among others.

Education

Experience

A minimum of five (5) years of experience in security aspects of system engineering or relevant IT experience. At least two (2) years of Security engineering experience in a complex technology environment and working with cloud environments.

Certifications / Licenses

Certifications are highly desirable but not required.

• CGEIT, GSEC, CASP+, CEH, Security+, CompTIA Cloud+, CCSP, CISSP
• AWS Certified Solutions Architect – Associates, or Professional
• AWS Certified Practitioner, AWS Certified Security Specialist
• Microsoft SC-200, 300, 400, 900; AZ-104, 204, 303, 304, 500, 900; DP-203, 900
• ITIL 4

Knowledge, Skills & Abilities (KSA's)

• Familiarity with integrating Active Directory with other Identity Provider services (ex. OKTA, Azure, Ping)
• Solution and low-level design security accreditation and validation strategy from an engineering perspective.
• Understanding Security Engineering and related functions applied creatively to support and integrate with key business and strategic priorities.
• Experience with multifactor authentication and conditional access policies
• Experience managing large Active Directory installations, such as multiple forest/domain environments.
• Experience consolidating Active Directory environments (ex. during merger and acquisition situations)
• Experience securing desktop environments using technologies such as Group Policy and Windows Intune.
• Experience with Microsoft 365, Azure AD, as well as on-premises AD.

Region Locations

Puerto Rico, Colombia, or SFL. 

Work Schedule

Hybrid or Remote

Competencies