Cloud Security Engineer

Interested in improving the security of a Cloud-based SaaS application?

This may be the job for you!

The Cloud team is responsible for the architecture, development and implementation of the infrastructure used by our applications. We build the full stack: servers, operating system, and application delivery units. The team works directly with our Development teams to deploy deeply integrated products. As we build out our CXM SaaS platform, the team will be part of building out exciting, cutting edge solutions on AWS.   The Cloud Security Engineer role is a cross functional role helping our Cloud Infrastructure, Security and Development teams to secure our SaaS application. This role will work with the Cloud Team to prioritize and implement solutions to improve our platform’s security and respond to security issues if they arise.

Responsibilities

• Provide day-to-day operational security support 
• Develop and maintain an infrastructure security roadmap 
• Implement and maintain security solutions, including WAF, DDoS mitigation, and Antivirus
• Implement AWS security best practices
• Assist in the implementation of secure infrastructure design 
• Diagnose and resolve any security issues and follow up on root cause analysis 
• Maintain documentation related to infrastructure design and implementation
• Harden the internal infrastructure though configuration changes, patching and other controls
• Manage the configuration and review of infrastructure logging and alerting 
• Identify opportunities for automating tasks 
• Educate technical staff on security best practices 

Requirements

• Experience in multi-site, heterogeneous, large-scale enterprise or SaaS infrastructure 
• Experience securing a global 24/7 cloud environment 
• Excellent working knowledge of TCP/IP and network topology design, implementation and troubleshooting  
• Ability to diagnose and resolve complex problems; excellent interpersonal verbal and written communication skills 
• Experience writing documentation of systems, policies and procedure 
• Experience with Microsoft Windows and Linux (CentOS) 
• Experience with Docker containers, specifically Kubernetes, AWS EKS and ECS
• Experience with cloud hosting, specifically Amazon Web Services (EC2, S3, ELB, CloudFront, etc.) 
• Experience with Infrastructure-as-code like Terraform or Cloudformation
• Experience with Web Application Firewalls, DOS mitigation, log parsing, and secure OS configuration. 
• Experience with application delivery platforms for load balancing, caching, compression, application firewalling, reverse proxy, SSL termination, etc
• Demonstrate a high degree of integrity and trust along with the ability to work independently

Nice to haves

• Experience with audit, privacy and compliance frameworks (e.g. SOC2, HIPAA)
• Experience with web application security topics (e.g. CORS, SAML) 
• Relevant security certifications (one from SANS or ISC2 would be good but we’ll consider others equally)
• Experience with configuration management in a cross platform environment; using Chef, Puppet or Ansible to manage and deploy applications to both Windows and Linux devices 
• Strong scripting skills (bash, ruby, powershell, etc)  
• Network and/or security certifications 
• Bachelor of Computer Science/Engineering Degree or equivalent