Cybersecurity Metrics and Reporting Lead overseeing development of security metrics and dashboards. Collaborating with teams to improve cybersecurity program effectiveness and compliance tracking.
About the role
- Senior Cloud Security Engineer securing public cloud platforms and services in the financial industry. Collaborating with teams to enhance security posture and ensure compliance in cloud environments.
Responsibilities
- Identify threats, and design and develop appropriate defense measures
- Evaluate public cloud platform's, native cloud services', public cloud workloads' changes for security implications
- Ensure public cloud platform, services, and workloads are secure by design, which includes identifying, presenting opportunities of improvement on enhance the security posture of the public cloud environments
- Configure continuous compliance validation to ensure ongoing adherence to security policies and regulations
- Support the monitoring of cloud environments for security incidents and for rapid response through automated mechanisms
- Collaborate with cross-functional teams, including developers, cloud engineers, architects, and operations, to (1) embed security-as-code practices into the DevOps pipeline, and (2) implement technical enhancements to the security design/posture of the public cloud environments
- Serve as a subject matter expert on public cloud technologies and security solutions
- Provide guidance and mentorship to team members
- Foster a culture of continuous improvement, innovation, and knowledge sharing across the organization
- Stay updated on the latest cloud security threats and advancements
Requirements
- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field, or relevant industry certifications
- At least 3 years of experience in designing, implementing, and securing public cloud platforms and services, preferably in AWS and Azure; OCI is a plus
- Professional experience in highly regulated industries, preferably in financial industry is major plus
- Required certifications - at least one of the following: AWS Certified Solutions Architect (Associate and/or Professional), AWS Certified Security - Specialty, Microsoft Certified: Azure Security Engineer Associate
- The following certifications are a plus: ISC2 Certified Cloud Security Professional (CCSP), ISC2 Certified Information Systems Security Professional (CISSP), ISACA Certified Information Systems Manager (CISM), EC-Council Certified Ethical Hacker (CEH)
- Expertise in public cloud service providers, especially in Amazon Web Services (AWS) and Microsoft Azure; Oracle Cloud Infrastructure (OCI) is a plus
- Hands on experience with public cloud-native platforms and services - such as Compute, Network, Storage, and ideally Generative AI/Agentic AI public cloud services - with understanding of security control requirements to securely implement for usage of services
- Hands on experience with public cloud-native security services specialized in Threat Detection, Encryption, Data Protection, Compliance, Identity and Access Management / Permission guardrails, etc
- Preferably, hands on experience with solutioning and configuring automated security policies in Cloud Native Application Protection (CNAPP) inclusive of capabilities such as Cloud Security Posture Management (CSPM), Infrastructure-as-code (IaC) Scanning, etc
- Deep understanding of cloud security frameworks (e.g., AWS Well-Architected Framework, Azure Well-Architected Framework), industry compliance requirements, and best practices
- Familiar with Infrastructure as code, preferably Hashicorp Terraform; AWS CloudFormation, and Azure Resource Manager (ARM) templates
- Strong analytical skills to identify potential security risks and automate security compliance checks
- Excellent problem-solving abilities and the capacity to work effectively under pressure
- Be proactive, with a strategic approach to security management, ensuring that the public cloud platform and solutions are not only secure but also compliant at all times through automated policies and validation
Benefits
- comprehensive health and wellness benefits
- retirement plans
- educational assistance and training programs
- income replacement for qualified employees with disabilities
- paid maternity and parental bonding leave
- paid vacation
- sick days
- holidays
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Senior Developer in Defensive Security for Clio, a leader in legal AI technology. Join a team to proactively tackle application security vulnerabilities and enhance security practices.
Intern role in emerging network systems at KBR Mission Technical Solutions. Focused on network interconnection problems and quality of service metrics in a collaborative environment.
Director of Product Security leading cybersecurity initiatives for medical devices at LivaNova. Ensuring patient safety and compliance with regulatory demands across product lifecycle.
Security Engineer driving modernization and improvements in KPMG's cybersecurity services. Engaging in technology evaluation, process innovation, and stakeholder communication.
Identity and Access Security Analyst at HII’s Newport News Shipbuilding focusing on SAP Security skills. Designing secure operating systems and conducting security assessments.
Senior Security Specialist ensuring compliance and security measures at Disney. Supporting audit processes and collaborating on risk assessments to enhance cybersecurity.
Risk Analyst supporting Keyloop’s Security Governance by managing information security risks. Identifying and monitoring risks while ensuring compliance with regulatory standards.
Cloud Security Engineer responsible for designing and implementing security controls for cloud environments at Keyloop. Ensuring secure adoption and compliance while working with platform and engineering teams.
IT Infrastructure & Security Engineer managing and developing network and server infrastructure at L - mobile. Collaborating on security measures and supporting internal audits in a hybrid role.