Cloud Security Engineer - Azure

4 days per week onsite in Downtown NYCCloud Security EngineerPermanent role - 160K base salary + benefitsRole Summary*This position is highly technical. The Cloud Security Engineer is responsible for testing, installing, configuring, and maintaining security solutionstools as well as monitoring infrastructure (networks and systems) for unusual activity, security breaches, andor intrusions. This individual will work closely with client teams on the implementation, maintenance, and administration of security tools. Additionally, Cloud Security Engineers communicate findings, incidents, and concerns to relevant team members and leadership in a timely manner and work with teams to address and remediate those findings and concerns.ResponsibilitiesStandardizing Azure Security best practices, processes, and proceduresWorking with team members to develop and document security standards and policies that align with HITRUSTFinding gaps with the current cloud security posture and assisting with finding new security products, installation, configuration, and operation of new security products and procedures.Deploying, troubleshooting, maintaining, and administering security solutions (such as Endpoint Protection (Crowdstrike), SIEMs (Crowdstrike), Vulnerability Management solutions (Rapid7), email security gateways (Mimecast), event logging solutions)Extensive knowledge of DLP solutions and working with our system with implementing themConducting vulnerability scans of environments and remediation of vulnerabilitiesUndertaking system and infrastructure hardening efforts per standardized benchmarks (E.g.: NIST standards, HITRUST, etc.).Installation and configuration of solutions that monitor for and notify when unusual behavior is detected.Monitoring infrastructure for security breaches or intrusions (via security tools and solutions).Monitoring for irregular system behavior.Ensuring detailed, timely, and accurate information regarding security concerns, security findings, and vestigations into how incidents andor breaches occur as a member of the incident response team.Participation in security tabletop exercises.Helping maintain information security strategy.Recommending modifications with regards to legal, technical, and regulatory areas.Required SkillsCompetencies5-10 years' experience in Information Security and Engineering.Strong foundational knowledge across Microsoft Azure Cloud technology stackExperience with LaaS and PaaS solutionsStrong IAM experienceStrong Azure environment experienceStrong O365 experienceA strong background in both data information security and system engineering.Possession of both deep and wide expertise in the cloud security space.Experience deploying, troubleshooting, integrating with, managing, and maintaining cloud security solutions (Email security gateways, network security tools, SIEMs, AntivirusEPP technologies, etc.).Experience monitoring infrastructure and systems for security breaches or intrusions and working with SOC team to remediateFamiliarity with regulatory requirements (HITRUST, HIPAA, SOC2, etc.).Experience with Third-Party cloud based penetration testingDeep understanding of security practices of Windows server operating systemsExperience in some specific industry verticals (Healthcare) is helpful.Excellent communication skills, both written and verbal.Documentation of security tools, deployment configuration, incident reports, munication with client teams on the above as well as clear explanation of concerns, findings, and incidents.Availability to work nights and weekends during (un)planned outages and other special circumstances, with 247 accountability.Availability to enter on call rotation.Ability to lift 50 lbs.

Created: 2024-10-25