Senior Cloud Security Engineer
Educology Solutions - washington, DC
Apply NowJob Description
ESI is seeking a Senior Cloud Security Engineer to support work one of our customers. Duties & Responsibilities Deployment and ongoing maintenance of the AWS cloud security controls, as established by HBX. Identifying, deploying, and maintaining necessary cloud security controls; and ensure secure operation and maintenance of HBX 's AWS environment(s). Source-to-image container-based deployment model management Image-stream container management - e.g. ensuring changes in the base image trigger an image rebuild Automated CI pipeline management, Management of automated security scans, especially while building container images Supporting, creating, and managing cloud infrastructure through infrastructureas-code (IaC) Support gitops operational model. Infrastructure management by pull-requests Support deployment to multiple container-based cluster orchestration frameworks Support applying business security rules through automated "operator agent" Support cloud native, container networking interface Support for container network level isolation Support for zero downtime scaling and upgrades Support for backups of all stateful components, ability to restore with few minutes granularity Support for storing all secrets in cloud-native KMS stores Support auditing mode to view infrastructure divergence Migrating production environment with zero downtime Support for automated approval based continuous deployment (CD) Support for chaos operations model to ensure robustness Mutual TLS across all container communications in the cluster Full dashboard visibility on the cluster Support for automatic graphing of network communication patterns and dependencies Support for service mesh networking model Support for read-write-many distributed storage cluster-wide Support for disaster recovery in a different cloud region (RTO/RPO 1hour) Management & Analysis of Security of Logs: support HBX IT staff to monitor and conduct in-depth analysis of logs, and work with HBX Privacy Officer to manage incident response in the event of a breach involving any HBX-managed data. Includes maintenance of centralized repository of log collection and analysis. All logs shall be monitored constantly to identify any potential threats/vulnerabilities. Qualifications: Five years' experience in the following areas or with the following tools: • IT security, with a focus on designing and implementing security architectures for cloud environments. • Proficiency with AWS Cloud Platform. Deep understanding of cloud security best practices and technologies. • Security Technologies, including firewalls, VPNs, IDS/IPS, WAFs, SIEM, and endpoint security solutions. • Encryption, Amazon Cognito, AWS Security Hub, Amazon GuardDuty, Amazon Inspector (2) Familiarity with industry standards and regulations such as NIST, HIPAA, and SOC 2. Experience in conducting security assessments and audits. (3) Demonstrated problem-solving skills; excellent verbal and written communication skills, including the ability to explain complex security concepts to non-technical stakeholders; demonstrated ability to work effectively with cross-functional teams. Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. AWS Certified Security Certification - Specialty, earned in the past 5 years THIS IS REQUIRED Certifications in the any of the following are strongly preferred : Certified Information Systems Security Professional (CISSP) • Certified Cloud Security Professional (CCSP) • Certified Information Security Manager (CISM) • Certified Information Systems Auditor (CISA)
Created: 2024-11-05