Cloud Security Engineer
Company: Careerbuilder-US
Location: Chapel Hill
Posted on: January 20, 2023
Job Description:
Job SummaryAs a Cloud Security Engineer, you are part of a team
that is responsible for ensuring the security of NetApp's
engineering systems and the overall security posture of NetApp
engineering projects utilizing on-premises and multiple public
cloud resources. Public cloud resources include, but are not
limited to, those in AWS, GCP, Azure. - Responsibilities will
include recommending security technologies and methods to help
maintain a secure environment, building automation for policy
implementation and enforcement, and providing escalated
troubleshooting and guidance to operations staff. In your role you
will work closely with NetApp security team members, other
architects and engineers making recommendations for improving our
security posture; provide analysis, incident recognition, and work
to prevent failures or compromises through continual system
improvement thru education, automation and tooling; and actively
mentor and support other team members. -As a Cloud Security
Engineer, you will:
- Identify and quantify skills, process, and tools gaps for
on-premises and cloud environments. Document gaps and define
recommendations for gap closures.
- Identify security gaps in the organization and communicate
these to appropriate personnel in recommendations.
- Assist with the auditing of security and operational
configurations to include system vulnerabilities.
- Proactively monitor & remediate security incoming
alerts/vulnerabilities.
- Provide customers, team members, and management with RCA and
project feedback.
- Recommend process improvements and educational
programs/trainings.
- Regularly author troubleshooting guides, acceptance procedures,
and upgrade procedures; recommend improvements to existing
documentation.
- Provide technology solutions input and recommendations to
address technology issues.
- Recommend operational process changes to increase efficiencies
and update operational systems.
- Troubleshoot escalated, extended, or recurring issues.
- Lead efforts to advise on and preventatively remediate security
issuesJob Requirements
- Excellent oral and written communication skills.
- As a subject matter expert, work with other Engineering team
members to support ongoing and long-term initiatives and
projects.
- Strong understanding of documentation procedures for systems,
changes and desk level procedures.
- Solid operational knowledge of common security technologies
(e.g., ACLs, Firewall, IDS/IDP, VPN, proxies, certificates, SIEM,
load filtering, etc.); and advanced support and complex change
configuration ability in at least one security technologies;
competent at intermediate change configurations in more than one
security technologies.
- Operational knowledge of common protocols used in datacenters
like: DHCP, DNS, HTTP/HTTPS, SSH, SMTP, and SYSLOG. Basic
understanding of common protocols used in datacenters like: CIFS,
NFS, iSCSI, and FCoE.
- Ability to perform basic packet captures and perform traffic
analysis.
- Operational experience with multiple security technologies that
can affect change management, security management, audit and
control, encryptions, etc.
- Administrative experience in multiple versions of operating
systems such as Windows, Solaris, BSD, Linux, SCO, HPUX, etc.
- Basic understanding of various routing protocols and
subnetting
- Basic knowledge of scripting languages such as python.
- Basic knowledge of system configuration toolings such as SCOM,
ansible, puppet, etc. -
- Operational knowledge of cloud native security services and a
basic understanding of cloud auditing tools
- Basic understanding of containers and container
orchestration
- Operational understanding of system patch management tooling
(i.e., WSUS, yum, apt)
- Demonstrated technical writing skills required for
documentation, troubleshooting guides, acceptance procedures,
upgrade procedures, and process.
- Ability to follow documented daily procedures and policies;
monitoring tools and response guidelines, escalation and
notification processes; and Trouble/Ticket management processes and
guidelines.
- Basic understanding of cryptographic hashes and ciphers.
- Basic understanding of security tools i.e., Blackduck, Tenable,
Kics, Trivy, CoverityEducation
- Be knowledgeable in various industry security standards with
focus on PCI, SSAE-16 SOC1, SOC2, SOC3 (additional standards like
FedRamp, HIPAA, Fisma, UK Public Sector are advantage), and assist
during external audits or penetration testing
- The tasks this individual is responsible are often unstructured
and the issues addressed are less defined requiring new
perspectives and creative approaches.
- Demonstrate good judgment in solving problems as well as
identifying problems in advance with potential solutions.
- L3/L4 escalation for production issues surrounding Security
Compliance functionality
- Identify, design and implement flexible, responsive, and secure
technology platforms focused on IaaS and PaaS platform including
containerization and micro-services - -Interaction: -
- This individual must work effectively with Staff to Vice
President level employees within the function, across functions and
with external parties.
- Limited supervision and direction is provided, as this
individual can operate and drive results and set priorities
independently.
- The ideal candidate will be a proactive contributor and subject
matter expert.
- To be successful, this individual must demonstrate favorable
results through regular leadership and influencing others. -
-Education & Experience: -
- A minimum of 5 years of experience is required; 6 to 8 years of
experience is preferred.
- A Bachelor of Arts or Sciences Degree is required, or
equivalent experience. A Graduate Degree is preferred.
- Demonstrated ability to have completed multiple, complex
technical projects.
- Experience with Cisco and Palo Alto Networks security products
preferred.
- Certifications in PCNSE, CISSP, CCSP, CISA, GSEC, CCIE, CCNP,
or others are preferred.
Keywords: Careerbuilder-US, Chapel Hill , Cloud Security Engineer, Other , Chapel Hill, North Carolina
Didn't find what you're looking for? Search again!
Loading more jobs...