Cloud Security Engineer at Redstone Federal Credit Union in Huntsville, Alabama
Posted in Information Technology 30+ days ago.
Type: Full-Time
Job Description:
Job Description Summary
Develops, secures, and maintains the security stack of the cloud infrastructure to support Credit Union business needs. Supports operational innovation and provides security direction to elevate the Credit Union’s security posture within a cloud computing infrastructure. Helps ensures applications are secure while supporting business initiatives. Utilizes advanced knowledge and trouble shooting skills to assist with the planning, designing, and implementing of procedures and ongoing maintenance.Collaborates with security leadership to consistently assess the threat landscape and to adapt quickly to protect the business from risk.
Job Description
Essential Duties and Responsibilities
Develops, secures, and maintains a resilient enterprise-grade cloud security stack in tandem with cloud network engineers.
Maintains a consistent, secure environment using configuration management solutions. Conduct rigorous oversight of security systems and security configuration administration to reduce risk to enterprise systems and accounts.
Manages and maintains cloud Security Incident and Event Management (SIEM) and work closely with our cloud SIEM provider and Managed Security Service Provider (MSSP) to capture logs and security events from cloud infrastructure and applications.
Administers the Application Programming Interface (API) management tool to ensure API's are securely implemented and managed and work with Software as a service (SaaS) security posture management solution.
Assists with development, maintenance and utilization of scripts (e.g., Python, Ruby, etc.) to support custom extracts, and transform load (ETL) tools, with a security focus for the data flow.
Leads and conducts analysis of cloud infrastructure to detect security gaps or deficiencies in the cloud environment; recommends and implements solutions for improvements
Secures business applications and computing environments across public, private or hybrid cloud infrastructures. Documents, formulates and enforces areas of security improvement that balance risk with business operations without impacting efficiencies or innovation.
Actively monitors, assesses and recommends tactical and strategic initiatives based on new and emerging threats posing risk to cloud computing environments. Manages remediation efforts after security assessment findings outline weaknesses requiring attention.
Adheres to the Information Security Program to ensure the confidentiality, integrity and availability of information assets: ensure proper data classification and compliance.
Administers security systems to detect and prevent security breaches; monitors network and server intrusion detection systems; conducts vulnerability assessments and identifies areas for improved security management. Maintains accurate records on cyber security threat information, breaches and discovered security deficiencies. Disseminate complex security information clearly and concisely in a format that both technical and non-technical audiences can easily comprehend.
Develops, recommends, implements and manages a variety of cloud security management policies, protocols, systems and tools, rogue wireless access point detection and Web content filters; network security policies and remote access standards guidelines; ensuring compliance with NCUA regulations. Collaborates regularly with others in the department to correct identified system vulnerabilities to reduce threats to the organization.
Serves as expert consultant for all cloud security related matters. Evaluates problems, identifies root causes; coordinates resources determine temporary measures and/or permanent solutions, and recommends and/or implements measures to restore full service.
Installs, configures, tests and implements system monitoring and management software tools; monitors system alerts, events, changes and activities that may impact performance or security; researches, troubleshoots and resolves complex system errors, failures and other problems.
Works closely with others in the department to ensure security patches and firmware are up-to-date and proper security measures are in place.
Acts as a key figure in incident response to track occurrence and resolution, with strict documentation and reporting as well as engagement with security operations and incident response teams.
Stays apprised of current and proposed security changes impacting regulatory, privacy and security industry best practice guidance. Applies learned knowledge across key lines of business, including products, practices and procedures.
Assists in maintaining strong oversight with cloud computing vendors and solution providers to safeguard against undue risk presented by external entities. Escalate to security management and business unit leads when points of weakness are discovered.
Company Wide Expectations
Maintains a professional image and demeanor at all times, consistently demonstrating Credit Union RISE Values and adhering to the Code of Ethics.
Delivers friendly, caring service to internal and external members.
Complies with all applicable State, Federal and NCUA rules and regulations and all Credit Union policies and procedures.
Follow all physical and online security procedures and maintain strict confidentiality of all member information.
Completes all required regulatory and compliance training and maintains required knowledge of Credit Union products and services.
Works scheduled hours and maintains punctuality.
Performs other related duties as assigned or requested.
EDUCATION/EXPERIENCE
To perform this job satisfactorily, an employee must be able to carry out each essential duty competently. The requirements listed below are representative of the education, experience, skills and abilities required.An equivalent combination of education and experience may be considered.
Education Requirements
4 Year / Bachelors Degree - Information Security, Information Assurance, Information Systems, Computer Science or a closely related field - Required
Holds or working towards one or more certifications including, CCSP (Certified Cloud Security Professional), AWS Certified Security Specialist, Azure Security Engineer Associate, or similar - Preferred
Experience Requirement
5 Years - Responsible experience in a Cloud Security Engineer role or related position with at least exposure with Amazon Web Services (AWS) and Microsoft Azure. Experience in other Cloud Service Providers (CSP) a plus. - Required
Experience in cloud computing technologies, including software-, infrastructure and platform-as-a-service, as well as public, private and hybrid environments - Required
Experience in cloud networking architecture and cloud operations, with cloud access security broker (CASB) experience. - Required
Experience in (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus and firewalls, in addition to newer offerings such as endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, deception technologies and application controls - Required
Extensive knowledge of cloud security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems - Required
SKILLS/ABILITIES
Self-motivated and directed, well-organized and able to position controls in anticipation of threats.
Ability to collaborate with technical and non-technical teams to promote ideas to support business enablement.
Strong understanding of a wide-range of incident response, system configuration, vulnerability management and hardening guidelines.
Demonstrates problem-solving abilities to manage complex local and international security requirements.
Ability to perform complex cloud and firewall administration functions in a cloud network environment accurately and efficiently.
Strong work ethic, leverage analytical and critical thinking, and be skillful at meeting change requests at a moment’s notice.
Effectively apply internal and external customer service practices and processes to meet quality service standards and achieve member satisfaction.
Resolve problems utilizing advanced knowledge and experience.
Communicate in a professional manner and deliver information clearly and effectively. Actively listen to questions, opinions and ideas of others. Use tact and diplomacy in sensitive and confidential situations.
Use correct English including spelling, grammar and punctuation.
Operate computers and use business software and other standard office equipment.
Understand and follow written and oral instructions.
Set priorities and manage one’s own time effectively.
PHYSICAL DEMANDS
The physical demands described here are representative of those that must be met by employees to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Physical Requirements
Intermittent standing, sitting, walking, bending and climbing.
Using hands repetitively to handle, feel or operate computers and other standard office equipment.
Reaching with hands and arms.
Intermittent lifting and carrying up to 25 pounds.
WORK ENVIRONMENT
An employee in this job will experience the following main work environments, others not listed may also be encountered on occasion;
Work Environment
Works in a typical technology office environment.
Redstone Federal Credit Union is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran status or status as an individual with disability. All qualified applicants will not be discriminated against on the basis of disability.
We are proud to be a Drug-Free and Tobacco Free Workplace.
More jobs in Huntsville, Alabama
|
Raytheon |
|
Oldcastle |
|
Honu Services |
More jobs in Information Technology
|
Oldcastle APG Inc |
|
Callanan Industries Inc |
|
Preferred Materials Inc |