Senior Cloud Security Engineer
POSITION SUMMARY:
CODICE seeks an experienced Senior Cloud Security Engineer to join our team. The ideal candidate will be responsible for securing, managing, and operating an AWS cloud environment, with a focus on container-based deployments. This role requires a deep understanding of cloud security best practices, extensive experience with AWS services, and the ability to implement and maintain robust security controls in a dynamic cloud environment.
ESSENTIAL FUNCTIONS
Duties and Responsibilities
Deploy and maintain AWS cloud security controls as established by the client.
Identify, deploy, and maintain necessary cloud security controls to ensure secure operation of the client’s AWS environment(s).
Manage source-to-image container-based deployment models and image-stream container management.
Oversee automated CI pipeline management and automated security scans, especially during container image building.
Create and manage cloud infrastructure through Infrastructure as Code (IaC) practices.
Support GitOps operational model, managing infrastructure through pull requests.
Implement and support deployment to multiple container-based cluster orchestration frameworks.
Apply business security rules through automated "operator agent" systems.
Implement and manage cloud-native container networking interfaces and network-level isolation.
Ensure zero-downtime scaling and upgrades of cloud systems.
Implement and manage backups of all stateful components with fine-grained restoration capabilities.
Manage secrets using cloud-native Key Management Service (KMS) stores.
Implement and maintain auditing capabilities to view infrastructure divergence from IaC.
Plan and execute zero-downtime migrations of production environments.
Implement and support automated approval-based continuous deployment (CD) processes.
Develop and maintain a chaos operations model to ensure system robustness.
Implement and manage mutual TLS across all container communications in the cluster.
Develop and maintain full dashboard visibility on the cluster.
Implement automatic graphing of network communication patterns and dependencies.
Design and support service mesh networking models.
Implement read-write-many distributed storage solutions cluster-wide.
Design and implement disaster recovery solutions in different cloud regions (RTO/RPO 1 hour).
Manage and analyze security logs, supporting the client’s IT staff in monitoring and conducting in-depth analysis.
Collaborate with the client Privacy Officer to manage incident response in the event of a data breach.
Maintain a centralized repository for log collection and analysis, ensuring constant monitoring to identify potential threats and vulnerabilities.
Knowledge, Skills and Abilities
Advanced understanding of AWS cloud services and architecture
In-depth knowledge of cloud security best practices and technologies
Comprehensive understanding of container-based environments and their security implications
Thorough knowledge of Infrastructure as Code (IaC) principles and practices
Strong understanding of networking concepts, including VPNs, firewalls, and service mesh architectures
Deep knowledge of encryption technologies and their applications in cloud environments
Familiarity with industry standards and regulations such as NIST, HIPAA, and SOC 2
Understanding of CI/CD pipelines and their security considerations
Knowledge of GitOps principles and practices
Understanding of disaster recovery concepts and strategies in cloud environments
Knowledge of log management and analysis techniques
Proficiency in implementing and managing AWS security services (e.g., AWS Security Hub, Amazon GuardDuty, Amazon Inspector)
Ability to design and implement secure cloud architectures
Skill in managing and securing container-based deployments
Proficiency in writing and managing Infrastructure as Code (e.g., using tools like Terraform or CloudFormation)
Ability to implement and manage automated CI/CD pipelines with integrated security checks
Skill in implementing and managing Kubernetes or other container orchestration platforms
Proficiency in implementing zero-trust security models in cloud environments
Ability to design and implement robust backup and disaster recovery solutions
Skill in implementing and managing service mesh architectures
Proficiency in log analysis and security event management
Ability to conduct thorough security assessments and audits
Skill in implementing chaos engineering principles to ensure system robustness
Strong problem-solving and analytical thinking capabilities
Excellent verbal and written communication skills, including the ability to explain complex technical concepts to non-technical stakeholders
Ability to work effectively in cross-functional teams and collaborate with various departments
Capacity to manage multiple projects and priorities in a fast-paced environment
Ability to stay current with rapidly evolving cloud technologies and security threats
Strong attention to detail, especially when implementing and auditing security controls
Ability to think creatively to develop innovative solutions to complex security challenges
Capacity to work under pressure, particularly during security incidents or critical system updates
Ability to mentor and guide junior team members on cloud security best practices
Strong ethical standards and ability to handle sensitive information with discretion
Ability to adapt quickly to new technologies and methodologies in cloud security
Capacity for continuous learning and professional development in the rapidly evolving field of cloud security
QUALIFICATIONS
Required Education:
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
Required Experience:
Minimum of 8 years of experience in IT security, with a focus on designing and implementing security architectures for cloud environments.
Proficiency with AWS Cloud Platform and deep understanding of cloud security best practices and technologies.
Extensive experience with security technologies, including firewalls, VPNs, IDS/IPS, WAFs, SIEM, and endpoint security solutions.
Strong knowledge of encryption technologies and AWS security services such as Amazon Cognito, AWS Security Hub, Amazon GuardDuty, and Amazon Inspector.
Familiarity with industry standards and regulations such as NIST, HIPAA, and SOC 2.
Experience in conducting security assessments and audits.
Required Licensure/Certification:
AWS Certified Security – Specialty (earned within the past 5 years)
Preferred Certifications (one or more)
Certified Information Systems Security Professional (CISSP)
Certified Cloud Security Professional (CCSP)
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA)