• Find preferred job with Jobstinger
  • ID
    #17811745
  • Job type
    Permanent
  • Salary
    TBD
  • Source
    Auto Club of Southern California
  • Date
    2021-08-03
  • Deadline
    2021-10-02
 
Permanent

Vacancy expired!

Cloud Security Engineer

Job Duties

  • Lead Engineering efforts to adopt new cloud-based security tools and controls.
  • Maintain and Operationally support Cloud Security infrastructure across various providers such as Azure, GCP, AWS, utilizing various cloud native tools such as Prisma Cloud, CASB, DLP, Zscaler, Microsoft Advanced Threat Protection, and others.
  • Development and maintenance of a collaborative, cross functional, technical and operational roadmap for Cloud Security Operations.
  • Provide effective troubleshooting and sustainable resolution of issues pro-actively detected and/or escalated to the team.
  • As required by each desired business outcome, work independently or with information security team members, appropriate departments, vendors, and management to develop and implement enterprise cybersecurity architectures and solutions.
  • Evaluate and develop risk outcome focused secure solutions based on best practice and approved security architectures.
  • Serve as a security expert in areas such as vendor risk management, application development, database design, network, cloud-based services and/or platform (operating system) efforts, helping comply with enterprise and IT security policies, industry regulations, and best practices.
  • Research, design, implement, and/or advocate new technologies, architectures, and security products that will sustainably support security requirements for the enterprise, our customers, business partners, and vendors.
  • Work with architects, and security specialists to ensure appropriate risk based security solutions are in place throughout all IT systems, vendor assessments, and platforms.
  • Effectively mitigate risk to meet business objectives and regulatory requirements.
  • Analyze business impact and exposure based on emerging security threats, vulnerabilities, countermeasures, and risks. Proactively communicate security risks and solutions to business partners and IT staff as needed.
  • Act as a resource providing appropriate direction, training and guidance for less experienced staff while serving as a technical expert to the organization.
  • Effectively support awareness via training of our workforce regarding information security standards, policies, and best practices.
  • Installation and effective operational use of security appliances, software, outsourced services, and surveillance capabilities.
  • Incident response technical leadership on behalf of the department including steps to minimize impact and conduct technical and forensic investigations including identification of impact .
  • Monitor security controls for events, breaches, compliance, and conduct investigations as appropriate.
  • Actively participate in weekly on-call support team rotation and Agile/Devops processes as required.

Employee Qualifications

  • Requires disciplined, high level technical and analytical skills, as well as systems knowledge, to design and implement complex system security solutions for operational needs.
  • Evaluation and analysis of business requests requiring decision making and problem-solving skills to effectively integrate Club systems security procedures into business processes.

  • The successful candidate has experience using, implementing, maintaining, and managing various cloud hosted security tools as well as cloud-based Security Incident and Event Management (SIEM) solutions, such as (but not limited to) Azure Sentinel, Splunk, and others.

Education:
  • Bachelor's or master's degree in Computer Science, Information Systems, a related field, or equivalent combination of education and experience required.

Typical Experience:

  • 3 years of cloud experience with a minimum of 1 year operating within an Azure environment.
  • Experience with cloud monitoring tools such as (Cloud Security Posture Management (CPSM) and Cloud
  • Workload Protection Platform (CWPP) tools
  • Cloud certifications (Azure, AWS or GCP)
  • Cloud security certifications (e.g., Certified Cloud Security Professional, Certificate of Cloud Security Knowledge, etc.)
  • Hands on experience of MS Azure & O365 Solutions and related controls
  • Typically has 10 or more years of combined IT and security work experience in mid-size or large environment with a broad exposure to infrastructure/network, cloud, and multi-platform environments.
  • Four or more years as an Information Systems practitioner across multiple infrastructure and/or application disciplines such as networking, servers, storage, application development, application quality assurance.
  • Three or more years as an Information Security practitioner working in a Security Operation Center.
  • Strong verbal and written communication skills with the ability to articulate risks and findings to business partners and management.

Knowledge/Skills/Competencies:
  • Comprehensive knowledge of cross-platform technical principles, security practices, and procedures for private/public cloud computing, distributed systems, desktop computers, laptops, tablets, phones, and workstations is desired.
  • Proven ability to work as a small project leader or subject matter expert on multiple projects of high complexity that require in-depth knowledge and operational expertise.
  • Personal experience with establishing and implementing policies and procedures protecting information flow to and from large numbers (i.e., over 1,000) of users accessing company information.
  • Senior level operational experience implementing effective Cybersecurity controls.
  • Practitioner level experience with enterprise on premise, cloud, and hybrid-based data network configuration and infrastructure concepts, including TCP/IP routers, internet/intranet/extranet, firewalls, web servers and security hierarchy including the application of encryption key infrastructures and authentication processes.
  • General knowledge and experience with security technologies including public and private key encryption, digital certificates, Kerberos, challenge/response, smart card, Secure ID or one-time password authentication mechanisms, Java, HTML-5, and ActiveX.
  • Experience working with waterfall, DevOps, and agile product development methodologies a plus.
  • Experience and relevant knowledge implementing security controls based upon OWASP, NIST CSF, PCI DSS frameworks and controls.

Special:
  • One or more of the following CISM, CISA, ISO 27001 Lead Auditor, and/or Certified Information Systems Security Professional (CISSP) certifications is preferred.

Remarkable benefits:• Health coverage for medical, dental, vision• 401(K) saving plan with company match AND Pension• Tuition assistance• PTO for community volunteer programs• Wellness program• Employee discounts

The Automobile Club of Southern California is part of the largest federation of AAA clubs in the nation. We have 14,000 employees in 21 states helping 17 million members. With our national brand recognition, long-standing reputation since 1902, and constantly growing membership, we are seeking career-minded, service-driven professionals to join our team.

"Through dedicated employees we proudly deliver legendary service and beneficial products that provide members peace of mind and value."

AAA is an Equal Opportunity Employer

The Automobile Club of Southern California will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable federal, state and local laws, including the City of Los Angeles' Fair Chance Initiative for Hiring Ordinance.

Vacancy expired!

Report job