Job Title: Cyber security Cloud Engineer III - Local Candidates Only)
Location: Chester, VA
Duration: 12 Months
Job Description:
The Client requires the need of a Cyber security Cloud Engineer that specializes in providing security for cloud-based platform solutions. Candidates must be knowledgeable in Microsoft Azure Cloud and Azure Active Directory. One should have a deep understanding of virtualization, Operating systems, Linux, Windows, and how to secure data. Candidates will be responsible for the planning, maintenance and support of Client data in the cloud. The individual will serve as a security lead and provide expertise in advanced cyber defense solutions and technology changes. Run daily checks regarding excessive permissions, misconfigurations, and abnormal user behavior. Protect on prem and cloud accounts against takeovers and account abuse, and limit exposure potential via user account compromises. Detect hacking attacks by identifying & blocking suspicious behaviors before data is lost. Safeguards the SCC corporate infrastructure and assures that security systems are built to specification and deployed successfully. The individual will be involved in meetings and provide expertise to lead the security team on new team projects and cloud architecture designs by the Information Technology Division. Ability to bridge technology knowledge gaps between IT and Client staff while working with outside vendors to secure the cloud infrastructure(s) and on prem systems. Candidates must understand networking terms and cloud security as a discipline of cyber security dedicated to securing cloud computing systems. This includes keeping data private and safe across online-based infrastructure, applications, and platforms.
This person will be involved in leading new cloud architecture designs and secure cloud platform solutions that will play an integral part in advancing and securing MS Azure Cloud ecosystem. (AAD and Office 365) As part of the Information Security team, you will be identifying, analyzing, and resolving infrastructure vulnerabilities and application cloud deployment issues. Participate in cloud implementation such as MS teams, SharePoint, OneDrive, CASB and other cloud efforts by Office Information Security/IT teams. The incumbent will provide deep expertise and understanding of all Cloud-as-a-Service including PaaS, IaaS, and SaaS. Collaborating with engineers and development teams in meetings to evaluate and identify optimal cloud solutions with security best practices. Interacting with management, team members and vendors to provide daily support based on preferred qualifications. Report all attacks or abnormal behaviors immediately to the Information Security Officer.
Responsibilities Include:
Design, build, and support mission-critical Cybersecurity products and services
Have expert knowledge of Data Loss Prevention principles, Data Classification, Alerting and Monitoring, Automated Response, and apply that knowledge in their daily cloud security work. (McAfee CASB and DLP)
Maintain and assess security for Enterprise multi-cloud platform (IaaS, PaaS, SaaS)
Assess and reviews cloud network configurations from a security angle; as well as fix any issues
Maintain current documentation for the cloud platform, related tools, and business processes (security/compliance, HA/DR, data management, monitoring, application integration, etc.)
Participate in implementation of new features and integration scenarios within cloud environments
Develop tools to identify and mitigate security vulnerabilities
Work with technical and business users and serve as security lead
Ability to clearly articulate and explain complex concepts and technologies to a non-technical audience
Ability to function in a rapidly evolving environment and adapt to frequent transitions in technologies and teams
Examine current cloud security practices and identify key risks, then execute programs to address them
Lead large scale programs that span the enterprise to deploy and manage various cloud security appliances and agents
Develop, maintain, and report on key cloud security metrics both as a program and on an individual basis; creating metric templates and scoring models
Automate cloud security solutions and controls
Required/Desired Skills
Skill Matrix
| Skill Matrix |
| Technology | Years of Experience |
| Overall IT Experience | |
| Communication (1 - 10) | |
| Cyber Security experience | |
| Deep technical knowledge of Microsoft Azure or Amazon Web Services | |
| Certifications - Microsoft AD, Azure, Office 365 | |
| Microsoft Windows Server 2012+, Linux RHEL, Active Directory, Azure AD, DevSecOps tools | |
| Cloud Service monitoring (McAfee CASB and MCAS) | |
| Familiar with network/security (load balancers, firewalls, DLP, DNS, DHCP) | |
| Knowledge of Cloud infrastructure, security architectures and standards. | |
| Expert knowledge of Cloud security architectures and infrastructure | |
| Expert knowledge of the Microsoft Azure ecosystem | |
| Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols) | |
| Automation using scripting languages such as Python, PowerShell, etc. | |
| Experience with CICD automation tools | |
| Experience with Container technologies | |
| McAfee SIEM, NSM (IPS/IDS), ATD and EPO | |
| Vulnerabilities Scan (Rapid7 InsightVM, Nessus) | |
| Application performance monitoring | |
| Ability to collaborate with technical and business partners | |
| Good Analytical and troubleshooting skills | |
| Solid understanding of container security | |
| Strong analytical, diagnostics and troubleshooting skills - ability to solve complex problems at scale | |
| Bachelor's degree in IS, CS, Engineering or equivalent | |