Cloud Security Engineer

Texas, Houston, 77070

Contract

Vacancy expired!

Position Details

Title: Cloud Security Engineer

Location:

Onsite 3 times a week, Houston, TX 77040

Duration:

Fulltime permanent

Responsibilities:

Enable and support BU/Corporate teams

First line of support for cloud security engineering, liaising with Security SMEs and teams
Quarterly review of legacy exceptions/controls and remedy in partnership with teams
Lights-on-Support: Manage incidents and problems in AWS and Azure
Monitoring, tracking, and advising teams on remediation of non-compliant resources identified by Turbot and other AWS-native tools such as Guard Duty, AWS Security Hub, and Azure Security Center
Offer consultancy as Cloud Security SME to BU/Corporate, focusing on security and resiliency

Automate processes

Automate security controls and allied activities
Identify manual controls and reports needing automation
Automate security-as-code with version control, change control, and roll-back capability
As a T-shaped resource, automate cloud services as needed
Automation on guardrail reporting and alerting to tech owners

Develop and maintain cloud security foundational services

Deploying Identity and Access Management systems to secure production and corporate access, such as: SSO, SAML
Extending and maintaining automated enforcement of security guardrails using Turbo to ensure compliance with TMHCC security policies.
Ensure logging and monitoring feeds and tools are in-place and functional (feeds to Sumo Logic and Security SIEM(LogRhythm currently)
Implementing and maintaining AWS platform integrations with security tools such as Qualys and Crowdstrike
Acting as a liaison between the Cloud Platform & Services team and the Security team (SOC) to assist with AWS-related security investigations, if needed
Harden configurations using standards such as the Center for Internet Security(CIS) security benchmarks for Docker, AWS Kubernetes, and others and keep software up to date
Use VeraCode Software Composition Analysis (SCA) to scan all container images, as well as dynamically and statically linked dependencies and nested dependencies, for known vulnerabilities and embedded secrets

Skillset and Experience Required:

Bachelor’s degree in computer science or other highly technical, scientific discipline
7 or more years' experience in Cyber/IT Security
Experience with compliance, or risk management
Hands-on experience with AWS cloud
Hands-on technical expertise in building security capabilities in code and deploying infrastructure in code
Understanding of Cloud Security across realms of Identity, Monitoring Auditing and Cryptography
Working knowledge or experience of information security within the enterprise
A strong grasp of Information Security and implemented processes to review IT infrastructure
Knowledge and experience with threat modeling and penetration testing, especially for web application and web APIs
Web security and compliance experience (e.g., Firewalls, IDS/IPS systems, DDOS prevention and PCI, HIPAA,FIPS, etc.)

Cyber security,infosec,aws,cloud,automation,IAM,Compliance,risk,threat,cloud security

Vacancy expired!

Report job