Cloud Infrastructure Security, Assistant Manager

You will be working on a team of Information Security specialists that are accountable for Bloomberg INDG's on-prem and cloud infrastructure security program. We are looking for a candidate who is enthusiastic about security and enjoys collaborating with engineers to design secure solutions to uphold the security of our hybrid infrastructure. Some of the areas that you will focus on include identity access management, infrastructure-as-code, cloud services, Kubernetes solutions, and vulnerability management. What you will do: Architect and implement security solutions across multiple cloud environments (AWS, Azure) Monitor the cloud security posture, suggest improvements, and help guide the cloud infrastructure security program's future Partner with platform engineering and development teams to adopt security standards across a range of areas, including Container Security, Infrastructure as Code, Identity and Access Management, Resource Policies, Virtual Host Security, and Data Protection Provide security guidance to development teams supporting client solutions Responsible for coordinating security enhancements and deployment efforts for implementing client solutions. Assist with the implementation and management of cloud and on-premise security tools You Need to Have: Strong AWS Cloud knowledge (IAM, VPC, Security Groups, S3, KMS, etc) Demonstrated experience with evaluating identity-based policies, resource-based policies, access control lists (ACLs), permissions boundaries, and Service control policies Hands-on experience with DevSecOps with a focus on container and orchestration security Experience with Cloud Native Application Architectures and their associated security risks Experience with integration and management of holistic cloud security monitoring solutions Hands-on experience implementing secure configurations for AWS-managed services Ability to architect solutions across cloud services to auto-remediate risks Bachelor's degree in information security or equivalent experience One or more security certifications, such as AWS Certified Security Specialty or able to obtain one within 6 months of hire 3 years of experience in one or more of the following areas: * DevSecOps * Cloud Security * Vulnerability Management * Platform and Infrastructure engineering * Product Security

Created: 2024-11-05