Cloud Security Engineer

Summary

Join Firmex, a global software-as-a-service provider, as a Cloud Security Engineer. You will be responsible for the day-to-day delivery of Security Operations, contributing to the enterprise cloud architecture and leading the security vision for cloud-based applications. Collaborate with a team of security professionals and across the organization on security best practices, product research, and support. You will support IT and business projects, develop subject matter expertise on security technologies, and collaborate on technology solution integration. Develop standards and actively monitor and research cyber threats. This role requires a bachelor's degree and experience in various security areas.

Requirements

• A bachelor’s degree in Computer science, Computer Engineering, or equivalent
• Experience with Incident Management and Incident Handling
• Experience on writing custom scripts in PowerShell/Bash
• Experience managing and configuring AWS services
• Experience writing Cloudformation templates
• Infrastructure experience with Windows, Linux
• Experience working with SaaS and PaaS environments and Cloud Native technologies
• Experience within a 24x7 production environment, preferably across multiple data centers
• Experience in information security or with systems and computer operations (e.g. Identity & Access Management, IT operations, Certification & Key Management, Security Platform Administration, Security Incident Response)

Responsibilities

• Work collaboratively within a team of security professionals and across the organization in matters of security best practices, product research and currency as well as product support
• Support various IT, IT Security and Business projects by providing input on security technologies and operational practices
• Develop subject matter expertise on assigned security technologies enabling effective and efficient delivery of security services
• Collaborate with engineering, infrastructure services, and application development organizations to choose appropriate technology solutions and facilitate complete integration of these solutions into the company environments
• Develop standards in partnership with Engineering, Infrastructure Services, and Application Development
• Contribute to the Development of Standards, Technical Security Specifications and Operating Procedures as required
• Actively monitor and research cyber threats with a direct or indirect impact to business operations, or technology infrastructure

Preferred Qualifications

• Experience with Vulnerability Management and Penetration Testing
• CISSP, OSCP, CISA
• Familiarity with industry compliance, i.e. PCI, HIPAA, GDPR, SOC (1 and 2), etc