Job Description :
Job Title: Senior Cloud Security Engineer
Location: Cambridge, MA 02142
Tenure: 3+ Months
Notes from the Manager:
Responsible for the operational security for 5k hosted instances in the Pega Cloud environment.
Cloud experience is purely a plus. This is a security focused individual first and foremost.
Security with Linux and Unix controls –how to harden environments
Gap Analysis
Security assessments
Responding to security incidents
Risk assessments
Monitor Security hardware and software
Don’t need to be a dedicated Linux administrator but have proficiency with it. We use RHEL and CentOS
Memory and storage management. Logging and non-repudiation experience.
Proficient in scripting. Specific language does not matter: Perl, Python, Shell, etc
Experience with relevent tools such as Splunk, Nessus, Data Dog
Will be working on the cloud environment, systems, and end to end processes.
Strong project management skills
How to deal with IPS IES Malware, Firewalls, IP Addressing
Security person that understands regulations
Experience with federal compliance initiatives are a plus (especially FedRAMP)
Person needs to be dynamic, work with strong personalities
Needs to be technically astute:
A technical person that could go debug something and then teach the team how to do it
Job Description:
A unique opportunity to design and build a state-of-the-art Cloud Security Operations Center using bleeding edge technology! As the driving force behind safeguarding critical information, you will design, build and run a sophisticated, highly-secured Cloud environment delivering PAAS and SAAS to our Global 1000 customers. Be a part of building a highly secure Pega Cloud service for Government Agencies and influence Pega Cloud’s SW Development Lifecycle.
In this role, you will:
Manage the security of our customer’s information and systems by designing, implementing and enforcing controls, safeguards, policies and procedures for an environment with thousands of instances
Develop and implement SOC best practices; Leverage Counter Threat Intelligence to configure security infrastructure and to monitor and action on events
Oversee and enhance cloud security components end-to-end in support of our US and India operations
Provide hands-on Linux system administration, scripting and maintenance for cloud systems
Develop, maintain and publish information security standards and guidelines encompassing data and intellectual security. Leverage automation for enforcement.
Acquire intimate knowledge of AWS Cloud, Public Cloud security best practices and Cloud Identity & Access Management
Work on the continuous improvements of our security tools, scripting, security architecture and environment configurations
Skills:
You are an experienced security engineer that can drive and implement security policies and procedures within Pega’s Cloud organization. Using the latest tools and technologies, you have proven skills to support thousands of hosts while securing critical information within a virtual environment.
Qualifications will include:
Experience working in the security operations field in a virtual hosting, IaaS, PaaS, or SaaS company
A proficiency in Linux system administration, systems management, scripting, security incident response and system support services
Experience with security tools such as Splunk, Nessus and Trend Micro Deep Security
Understanding of public Cloud environments and tools
Hands on SecOps, support for audits and remediation activities
Experience in correlating security anomalies into root causes with various SIEM technologies
Preferred Qualifications:
Experience with Cloud technologies such as AWS
Understand requirements for implementation and fulfillment of technical components of ISO 27001, PCI, HIPAA, and SOC 2 Type 2 certifications