Location: Milwaukee,WI, USA
We are seeking an experienced Cloud Security Engineer to join our team. The ideal candidate will have extensive experience in securing cloud environments, specifically Microsoft Azure and Google Cloud Platform (GCP), as well as a solid understanding of hybrid infrastructures. This role involves designing, implementing, and managing security solutions to protect our cloud and on-premises assets. The Senior Cloud Security Engineer will collaborate with cross-functional teams to ensure that security best practices are integrated into all aspects of our operations.
Key Responsibilities:
• Cloud Security Architecture and Implementation:
• Design and implement security controls and solutions for Azure and GCP cloud environments.
• Develop and maintain security policies, standards, and procedures specific to cloud services.
• Security Assessments and Compliance:
• Conduct security assessments and audits of cloud infrastructure to identify vulnerabilities.
• Ensure compliance with industry standards and regulations such as ISO 27001, NIST, PCI DSS, and GDPR.
• On-Premises Security Integration:
• Integrate cloud security solutions with on-premises infrastructure to create a cohesive security posture.
• Assist in securing on-premises backend systems, ensuring seamless interoperability with cloud services.
• Incident Response and Monitoring:
• Monitor cloud environments for security breaches and respond to incidents promptly.
• Implement and manage security monitoring tools and intrusion detection systems.
• Automation and DevSecOps Integration:
• Work with DevOps teams to integrate security into CI/CD pipelines.
• Automate security tasks using scripting and cloud-native tools.
• Collaboration and Support:
• Collaborate with IT, development, and operations teams to promote security awareness.
• Provide technical guidance and mentorship to junior security team members.
• Continuous Improvement:
• Stay updated on the latest security threats, technologies, and industry trends.
• Recommend enhancements to existing security policies and procedures.
Required Qualifications:
• Bachelor's degree in Computer Science, Information Security, or related field.
• 5+ years of experience in information security, with a focus on cloud security.
• Extensive experience with Microsoft Azure and Google Cloud Platform (GCP) security features and services.
• Strong understanding of on-premises infrastructures and technologies, including servers, networking, and virtualization.
• Proficiency in security frameworks and compliance standards (e.g., ISO 27001, NIST CSF).
• Experience with security tools such as SIEMs, IDS/IPS, and vulnerability management systems.
• Familiarity with infrastructure-as-code tools (e.g., Terraform, Ansible) and scripting languages (e.g., Python, PowerShell).
Preferred Qualifications:
• Certifications such as CISSP, CCSP, Azure Security Engineer Associate, Google Professional Cloud Security Engineer, or equivalent.
• Experience with DevSecOps practices and integrating security into CI/CD pipelines.
• Knowledge of containerization technologies (e.g., Docker, Kubernetes) and their security implications.
• Understanding of identity and access management (IAM) in both Azure and GCP.
Skills and Competencies:
• Technical Expertise: Deep knowledge of cloud security principles, architectures, and best practices for Azure and GCP.
• Analytical Skills: Ability to analyze complex security issues and develop effective solutions.
• Problem-Solving: Proactive in identifying potential security risks and implementing preventative measures.
• Communication: Excellent verbal and written communication skills to articulate security concepts to technical and non-technical stakeholders.
• Collaboration: Strong team player with the ability to work effectively across departments.
• Adaptability: Ability to adapt to new technologies and learn quickly in a fast-paced environment.
• Integrity and Ethics: High level of professionalism and commitment to maintaining confidentiality and integrity.