Cloud Security Engineer
As a Cloud Security Engineer, you will play an integral role in executing on security strategies to protect sensitive company and customer data. You will work alongside groups within the business and engineering to design and implement processes, solutions and training that reduce threats from internal and external sources.
In addition to the development, implementation, and support of security programs for the Shift Digital Operating Model, this role requires skills from a blend of traditional infrastructure technologies, Azure Cloud IaaS and PaaS offerings, cloud ops, experience with systems development and cyber operational experience.
Secondary skills will include an understanding of modern cloud IaaS/PaaS/SaaS capabilities, Kubernetes, DevOps practices, design and implementation of CI/CD pipelines, third party integrations, service development, and automation of service provisioning.
What You Will Do in Your Role
· Plan and implement data security solutions over Azure and DevOps environments that reduce or remove the risk of malicious and/or accidental data exfiltration.
· Ensure our security procedures and documentation provide the proper guidance and governance to protect our sensitive and confidential information.
· Provide guidance on secure software development at all stages of our SDLC –Including architecture and design reviews prior to start of development.
· Review and recommend improvements for existing processes to continually improve our data security posture.
· As a subject matter expert, curate Shift Digital’s knowledge through documentation, procedures, playbooks, runbooks, awareness content, and other inter- and intra-team activities.
· Work with software engineers for security POC’s and practical implementations
· Lead high severity or complex initiatives that may involve external partners.
The Experience You Will Bring
Requirements:
· Security engineering and architecture subject matter expertise in threat detection, data protection, security incident response and recovery, and attack surface reduction functional areas.
· Experience with foundational cloud security controls and different types of cloud architectures such as SaaS, IaaS, CaaS and FaaS and deployment models in public cloud platforms such as Azure.
· Knowledge of Zero Trust theory and solutions.
· Seasoned expertise in application and infrastructure security disciplines across all types of digital platforms.
· Understanding of Microsoft products in deployed to large scale environments.
· Ability to collaborate with project teams and engineers to understand and develop solutions that meet organizational and client requirements while aligning with the Shift Digital Cybersecurity Strategy
· Ability to identify solutions that solve complex security challenges at the architectural level.
· Experience in communicating and leading discussions regarding technical solutions or problems to varying levels of the organization.
· Strong sense of ownership combined with collaborative approach to overcoming challenges and influencing organizational change.
· Highly adaptable in a fast-paced hyper-growth environment; proven track record of delivering while working independently.
What Will Put You Ahead
· Understanding and/or experience developing and implementing Security Programs, such as Data Protection, Vulnerability Management, Security Incident Response, Risk Management, and other related Security Programs.
· Implementation and/or management of data classification solutions (e.g., Titus, Microsoft Information Protection, Bolden James)
· Familiarity with design patterns for the security of APIs and microservice based architectures.
· Active Directory architecture (Hosting single-tenant environments a plus); Microsoft MFA, SSO, Conditional Access, PIM.
· Cloud Security certifications (AWS Security Specialty, Azure Solutions Architect, etc.).
· Experience with Azure Security Center, Azure Defender, and Azure Sentinel
Education and Experience:
· 10+ years of hands-on experience in IT
· 5+ years of experience performing an Engineering or Architect role
· 5+ years in IT/Application Security
4-year college degree preferred