DevSecOps engineer at Ford ensuring secure software development and compliance with security standards. Collaborating with teams to embed security practices and assess vulnerabilities in software delivery.
About the role
- Senior Cloud Security Engineer responsible for deploying and improving Cloud Security tooling across multi-cloud environments at Truist. Utilizing AWS tooling and automation with Terraform for security solutions.
Responsibilities
- Lead the deployment, operationalization, and continuous improvement of Cloud Security tooling across multi-cloud enterprise environment
- Responsible for Cloud native AWS tooling and automating solutions leveraging GitLab deployments, including AWS Guard Duty, Security Hub, AWS Inspector, etc. via Terraform
- Develop and maintain the technical IT/cyber capabilities including all phases of the software development lifecycle and software stack which includes threat modeling of application designs, static application security testing (SAST), software composition analysis (SCA), dynamic application security testing (DAST), and penetration testing
- Lead efforts related to designing, planning, enhancing, and testing all Cloud cybersecurity technologies used throughout the enterprise
- Analyze information to determine, recommend, and plan the use of new Cloud information security technologies, or modifications to existing equipment and systems that will provide capability for proposed project or workload
- Lead the implementation of new Cloud security technologies or integration of existing technologies including initial configuration, installation, change management, and operational handoff
- Responsible for technical support of Cloud security technologies providing expert problem analysis and resolution in a timely manner
- Creation of CI/CD automation leveraging Terraform for Cloud Security Services and Modules
Requirements
- Bachelor’s degree and eight years of experience in systems engineering or administration or an equivalent combination of education and work experience
- Deep specialized and/or broad functional knowledge in applied enterprise information security technologies including but not limited to firewalls, intrusion detection/prevention systems, network operating systems, identity management, database activity monitoring, encryption, content filtering, and Mainframe security
- Previous experience in leading complex IT projects
- 10+ years Cloud Security experience (preferred)
- 6+ years securing AWS/Azure/GCP (preferred)
- Deep expertise in Wiz platform (preferred)
- Strong experience with CSPM, CWPP, CI/CD security (preferred)
- Strong automation and scripting background (preferred)
- Experience in Global 100 or Fortune 50 environments (preferred)
- Wiz Architect/Practitioner certifications (preferred)
- AWS/Azure/GCP security certifications (preferred)
- Banking or financial services experience (preferred)
- Other security certifications (e.g. CCNA Security, GSEC, GCED, GPPA, etc.) (preferred)
- Other technical Certifications (e.g. CCNA, RHCE, MCSE, etc.) (preferred)
- Certification in Information Security Management (e.g. Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC) or Certified Information Security Manager (CISM)), or related security certification(s) (preferred)
Benefits
- Health insurance
- 401k plan
- No less than 10 days of vacation
- 10 sick days
- Paid holidays
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Security Officer responsible for ensuring safety and security at the Genesee Brewing Company. Monitoring premises, responding to emergencies, and providing visitor assistance during shifts.
Security Estimator creating estimates and proposals for security projects at LINX. Collaborating with engineering and sales teams for system design and client relationships.
Product Security Architect at Expedia designing secure architecture for services and APIs. Collaborating with teams to guide secure practices and integrate AI - driven solutions.
IT Security Officer overseeing information security for a specific IT sector at Desjardins. Collaborating with cross - sector teams and managing information security risks and vulnerabilities.
Associate, Information Security professional at Santander focusing on Vulnerability Management and network security exposure. Collaborating with teams to enhance security posture and manage technology risks.
IAM Security & Technology Governance person driving IAM technical program with cutting - edge technology to improve security posture at MUFG. Manage IAM requirements, standards, governance and solutions across global implementation.
Senior Analyst in Mastercard's newly created Vocalink Control Office supporting control testing across Security domains. Ensuring a strong control environment and identifying gaps for improvement.
Senior Analyst focusing on Information Security and Compliance at Cirque du Soleil. Engaging in threat analysis and improvement of security tools and processes, within a creative company culture.
Security Architect designing and implementing cybersecurity architectures for UK Defence projects. Collaborating with stakeholders to safeguard client data against cyber threats.