Job Description :
Position: Cloud Security Engineer
Location: Jersey City, NJ
Duration: Long Term

Experience designing and implementing information security solutions with a focus on virtualization and cloud technologies
Experience designing and implementing cloud services (e.g., IaaS, PaaS, SaaS, etc offered from public cloud service providers (e.g., AWS, Microsoft Azure, etc
Experience designing and implementing virtualization solutions (e.g., VMWare, Xen, Hyper-V, etc
Experience working with cloud access security brokers (CASB) and cloud security management / governance tools
Experience with a broad set of information security best practices and technologies (e.g., application security, risk management, data protection, encryption, identity and access management, logging and monitoring, network security, security governance, etc within cloud environments
Experience with various network and host based information security technologies, including firewalls, intrusion/threat detection/prevention, data loss prevention, anti-malware, file integrity monitoring, etc.
Experience with encryption (at-rest, in-transit, in-use) and key management within cloud environments
Experience in defending attacks utilizing information security technologies, including web application firewalls, anti-DDoS technologies, advanced anti-malware solutions, network forensics, etc.
Experience with information security testing methods and technologies, including penetration testing, web application security assessments, vulnerability assessments, etc.
Understanding of Secure Software Development Life Cycle (SSDLC) security requirements (i.e., risk assessments, threat modeling, security design reviews, static application security testing, and dynamic application security testing)
Understanding of agile infrastructures using Chef, Puppet, Ansible, or other configuration management tools
Understanding of operating system containers (e.g., LXC) and application containers (e.g., Docker)
Understanding of incident response processes and artifact collection for digital forensic investigation purposes
Understanding of enterprise IT security risk assessments and related frameworks (e.g., SOC2, ISO 270XX, NIST CSF, NIST 800-XX, COBIT, etc and industry best practices
Understanding of Cloud Security Alliance (CSA) framework, CSA Cloud Control Matrix (CCM) and CSA Consensus Assessments Initiative Questionnaire (CAIQ)
Proficient verbal and written communication skills, including the ability to independently and effectively participate in strategic collaborations with peers across the firm
Experience performing technical writing of policies, standards and procedures
Strong organizational skills with an ability to multitask effectively and deliver against commitments
Bachelor’s degree in a relevant discipline required
CISSP certification required
Cloud security certifications (vendor neutral) (e.g., CCSP) preferred
Cloud security certifications (vendor specific) (e.g., AWS Certified Solutions Architect) preferred
Information security and risk certifications (e.g., CISM, CRISC, GSEC, CEH, etc preferred