Software Security Engineer Jobs

Agilus Work Solutions has a financial services client that is looking for a Cloud Security Solutions Engineer to join their Information Security team on a permanent basis. The Cloud Security Solutions Engineer will lead various technical initiatives and architecture conversations with other IT teams. Hence, the successful candidate must possess a solid understanding of information security, cloud infrastructure, identity and the concepts which underpin Zero Trust . The role also requires the ability to understanding business goals/strategy and operational requirements in a fast-paced environment.

The Cloud Security Engineer is responsible for three primary functions within the Information Security Core Team. The first is to continuously govern and improve the core cross cutting security services including cloud infrastructure. The second is to improve the organization’s overall Cloud security posture, by providing oversight and working closely with the distributed IT team’s DevSecOps engineers. Third, to help InfoSec implement new processes and automation to reduce recurring tasks and approvals.

Responsibilities:

1. Strategy & Planning

• Recommend strategic improvements with regards implementing Zero Trust approaches considering that Identity & Access Management is part of the new edge
• Participate in the creation of enterprise security documents (ie. policies, standards, baselines, guidelines, and procedures)
• Participate in the planning and design of enterprise security architecture, under the direction of the Director, Information Security Operations

2. Acquisition & Deployment

• Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security
• Maintain up-to-date detailed knowledge of the Information security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors
• Perform the deployment, integration, and initial configuration of new security solutions and enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically

3. Operational Management

• Maintain operational configurations of security solutions as per the established baselines. • Monitor security solutions for efficient and appropriate operations
• Maintain up-to-date baselines for the secure configuration and operations of all in-place devices (i.e., security tools, workstations, servers, network devices, etc.)
• Participate in the design and execution of vulnerability assessments, penetration tests and security audits.
• Review logs and reports of devices (i.e., security tools, workstations, servers, network devices, etc.)
• Participate in investigations into problematic activity

Requirements:

• 3+ years of exposure to Kubernetes
• 5+ years of experience in information security
• 7 – 10 years of experience in IT Infrastructure with a minimum of 5 years working with Azure or AWS
• Bachelor’s Degree in computer science or related field

• ISC2 Systems Security Certified Practitioner (SSCP)
• ISC2 Certified Information Security Professional (CISSP)
• ISC2 Certified Cloud Security Professional (CCSP)
• One or more of the following certifications:
• ISACA Certified Information Security Auditor (CISA)

• Strong understanding of security best practices with regards to operating systems, network appliances, and databases
• Strong understanding of cloud security principals relating to IaaS/PaaS/SaaS, and a background in working within enterprise cloud environments such as Azure, AWS etc.
• Deep understanding of technological concepts such as IT architecture, cloud technologies, applications, network infrastructure
• Strong background in the identification and remediation of security vulnerabilities

• Strong understanding of operating systems, databases, Active Directory
• Exposure with Cloud compliance solutions
• Exposure with deployment pipelines and securing them
• Experience with Agile including Scrum is strongly preferred
• Extensive experience leveraging security tooling native to cloud environments such as AWS & Azure
• Strong understanding of IP, TCP/IP, and other network administration protocols
• Extensive experience managing, deploying, and securing cloud infrastructure (such as AWS & Azure) and containerized services and applications