Job Description :
100% REMOTE
Manager Notes:
We are expecting a candidate with combination of following to meet or near about meet our expectation of the role.
1. Architecture > 15%
2. On-Prem/Legacy Infrastructure Engineering/Operations – focus on security would be a plus > 15%
3. Cloud Infrastructure, services Engineering/Operations – focus on security would be a plus > 50%
4. DevOps > 10%
5. Communication skills etc. > 10%
While each of the skill set is really important to perform their job function, we can make some adjustments if they are extremely strong in at least 3 of our 5 requirements
& candidate has attitude towards learning the missing skill set.
Here is what has gone wrong in last few interviews:
1. No conceptual understanding of overall "Cloud infrastructure and services, security etc."
2. We typically start the interview with overall foundational questions on AWS Infrastructure concepts which are key to determining if the candidate has a foundational understanding of them to help design and build a new environment. In 100% of the cases, none of the candidates had even a 50% basis of concepts. So we would refactor the interview and focus on questions related to the experience they have listed on their resume. In the vast majority of cases they have no understanding ‘why’ they were doing something, it was just part of their runbooks. In a huge number of the cases they have no idea what the upstream and downstream dependencies of a change that they claimed they made actually had on the rest of the Aws environment. Lastly, we even had instances where folks were putting stuff on their resume and when questioned on it we discovered and/or they disclosed they hadn’t actually touched it, their co-worker did but since they either overheard their co-worker talk about it or shoulder surfed while they did it, they added it a competency item on their resume.
3. Most of the resumes were heavily focused on DevOps with no or very minimum knowledge about cloud infrastructure and security. Not to undermine DevOps is important but just DevOps candidate will not meet our needs.
Basic Qualifications :
Qual Call Notes:
Cloud service provider
o Public cloud
o AWS, Azure
o Voya has presence in Azure, but looking for AWS in this role. Azure is a plus.
o Voya purchased another company, with that, purchased their infra and they used AWS
? Small implementation, not enterprise ready
? However, allowed us to realize they do need Enterprise AWS built form the ground up
? At the beginning of this journey now
? Building enterprise architecture for AWS
o Looking for someone with Infra and Arch knowledge in AWS.
? DevOps experience, but not going to be doing DevOps work
? They claim they have infra experience, but the end of the day they don’t
? Need people who really understand AWS, all the services, and how they go together, so they can assist with Arch design, but also execute the hands on build out (from a security standpoint) once we get to that point
o If background is predominately on-prem, not a fit
o If background is predominately DevOps, not a fit
o Need AWS Arch Cert, and 2 years of dedicated exp in the cloud
Need to be able to walk through what they did in previous jobs around cloud from a hands-on exp
Will transition to hands-on operations once the design is built. so can be considered for FTE conversion if they are the right fit. Send FTE expectations when submitting.
Location: open to remote, but needs to work east coast hours
Additional Skills :
Job Description :
Title: Cloud Security Engineer
Location: REMOTE
Duration: 6 month contact
Description:
This position is for a SR. IT Security Specialist - Cloud Engineer with a strong background in Amazon Web Services (AWS), Azure and Linux/Windows. The Cloud Engineer will take a lead role in the review and implementation of both existing configuration of deployed AWS solutions as well new implementations of both AWS and Azure.
Profile Responsibilities
Responsibilities include (but not limited to) the following:
Knowledge of and experience configuring effective AWS user, security, and networking configurations
Familiarity with Amazon Web Services: EC2, S3, CloudFormation, RDS, CloudFront, VPC, Route53, IAM, CloudWatch, Beanstalk, Lambda, etc.
Familiarity with Azure Cloud Services: Azure Virtual Machines, Virtual Machine Scale Sets, Azure Container Service, Azure Storage, Azure Storage Accounts (NSG), Azure Site Recovery(ASR), Azure Cosmos DB, Azure Content Delivery Network, Virtual Network, Azure DNS, IAM, Azure Monitor, Web and API Apps, Azure Functions, etc.
Expertise in Linux and Windows systems administration
A detailed understanding of core network protocols and services (TCP/IP, HTTP/HTTPS, REST/SOAP, FTPS/SFTP, DNS, SSL, firewalls, load balancers)
Good scripting skills in Azure PowerShell, Azure CLI, perl, python or bash
Experience scripting against APIs
Application performance monitoring (Splunk, Nagios, Cacti, New Relic, AlrtSite, Azure Application Insights)
CISSP / CCSP certifications are a plus.
Crosstrain on all other deployed security platforms to gain proficiencies in those tools and platforms and how they can be extended to cloud platforms.
Work with application teams on remediation of identified security issues.
Provide engineering capabilities for implementations of new capabilities
Provide recommendations regarding direction of systems and applications to help secure access, data and assets.
Work with IT Security product vendors and service providers, to evaluate potential security offerings, including product evaluations, pilots and proof of concept installations
Leverage a wide range of security technologies including, but not limited to: logical access controls, identity and access management, LDAP, security incident response, privileged access management, database and system monitoring, end user password management and single sign on systems as well as network device integration and endpoint security tooling.
Ability to understand and troubleshoot system configuration on Windows and Linux, network configurations and upgrades, user authentication, AD integration and various Cloud technologies.
Ability to work well with other technology areas to deploy security technologies.
Excellent written and verbal communication skills.
Knowledge & Experience
3 years or more of experience in a large production IT environment administering and supporting multiple medium to small size applications.
Significant Experience with deploying, auditing and security cloud deployments, specifically within AWS and Azure.
Knowledge of IT security around ID access, data protection, system\application monitoring, system and application access and how to apply security principles effectively in a cloud environment.
Experience with large application support and change management.
Working Knowledge of Windows and Linux.
Significant Experience with rollout of new technologies
Bachelor’s degree or commensurate experience preferred.