Security Cloud Engineer
8 Grandview Ave Canonsburg, PA 15317 | Contract To Hire
- The cloud security team will drive all aspects of design, build, operate and assess across cloud based digital platforms and products. The Cloud Security Engineer will work closely with product and platform teams to engineer and implement cloud security controls with a focus on DevSecOps that will fundamentally change the way security processes and tools are integrated within DevOps.
- Implement a highly automated approach to deliver key security management processes by utilizing existing tools and / or identify new tooling in a Public/Private Cloud environment
- Deploy compliance solutions for large-scale cloud environments using container, PCF and micro-service technologies
- Develop procedures to automate security tasks during code builds, deployments and hosting
- Evaluate security technologies for cloud environments in order to implement controls in the most streamlined and integrated manner
- Collaborate with the Ops team to build infrastructure and servers on Public/Private cloud
- Communicate security risks and solutions to business partners, platform & product teams using defined escalation processes.
- Assist and train team members in the use of cloud security tools and the resolution of security issues
- Develop and maintain documentation for security systems and procedures
- Lead Cloud DevSecOps engineering integrations with various platforms
- Build working relationships with corporate technology and business teams
- Respond to and, when appropriate, resolve or escalate security incidents
- Embrace a culture of continuous service improvement and service excellence
- Stay current on industry security trends
SPECIFIC EDUCATIONAL/VOCATIONAL REQUIREMENTS:
- Bachelor' s Degree in Computer Science or related field or equivalent experience.
- AZURE certification along with other security certifications such as CISSP, SSCP is a plus
- Minimum 4 years of experience with implementing and automating cloud native based security principles and best practices
- in depth knowledge of network based, server based (web, application, database), and application layer attacks and mitigation methods
- Experience with the development, deployment, and automation of security solutions in an enterprise cloud based environment
- Solid understanding of Single Sign-On using ADFS (Active Directory Federation services) and IAM (Identify and Access Management) with SAML tokens.
- Extensive experience working with container technology on Cloud Foundry and Docker
- Proficient in API management, configuration, and security using REST and WSDL based services.
- Experience in DevOps environments and maintaining security in CI/CD processes
- Experience with custom development using integration technologies such as, DotNet Core, JSON, Nodejs, SAML, XACML.
- Experience in virtualization, Cloud Formation, building hybrid cloud models with security layered for groups
- Proficient in AWS and Azure cloud platforms and VMware
- Knowledge on HIPAA, PCI and PHI
- Experience in working with SAFe and Agile methodology
- Experience with SIEM, IPS/IDS, security operations, incident analysis, incident handling, vulnerability management, testing, log analysis, and forensics
- Ability to clearly and effectively communicate concerns, issues to other teams
- Experience in developing, documenting, and maintaining security procedures
- Experience with source code management tools such as VSTS and TFS
- Hands-on knowledge on DevOps methodologies and tools like VSTS, TFS, GIT, Jenkins, Ansible, jFrog
- Evaluate and recommend use of ML, AI, and data analytic services to enable action based events and triggers
PERFORMS RELATED DUTIES:
Other duties as assigned.