Cloud Cybersecurity Engineer

Location

Franklin | TN

Position type

Contract

Job Description

About the role:

The core mission is to ensure the highest levels of security and innovation in all products. Our client seeks a highly skilled Cloud Cybersecurity Engineer who is passionate about securing cloud environments.

As a Cloud Cybersecurity Engineer, you will be critical in securing our AWS and Azure environments. You will adopt a pragmatic approach to security, staying informed about trending attacks and sophisticated threats in the cloud. This role emphasizes hardening our cloud infrastructure, collaborating with the Cyber Security Operations team, and managing detection and Response (MDR) providers to detect and mitigate potential threats. We seek someone who thinks like an attacker, understands how initial access is gained and post-exploitation activities are conducted, and is abreast of the latest trends in cloud attacks, including nation-state APTs, Client attacks, and well-known exploits.

Key Responsibilities:

  • Security Posture Enhancement: Continuously assess and improve the security posture of our AWS and Azure environments by remediating vulnerabilities and dangerous misconfigurations.
  • Familiarity with the following AWS Services: Identity and Access Management (IAM), Simple Storage Service (S3), Relational Database Service (RDS), CloudTrail, CloudWatch, Virtual Private Cloud (VPC), Lambda, Elastic Load Balancing (ELB), Security Groups, GuardDuty, Config, Inspector, Secrets Manager, Web Application Firewall (WAF), Virtual Private Network (VPN), Direct Connect, Elastic File System (EFS), Athena, Redshift, Data Pipeline, CloudFront, DynamoDB, Certificate Manager, Elastic Kubernetes Service (EKS).
  • Familiarity with the following Azure Services: EntraID, Blob Storage, SQL Database, Activity Log, Monitor, Virtual Network (VNet), Key Vault, Functions, Application Gateway, Network Security Groups (NSG), Security Center, Policy, Sentinel, Managed Identity, Azure Synapse Analytics, Azure Data Factory, Azure SQL Data Warehouse, Power BI Service, Web Application Firewall (WAF), ExpressRoute, Load Balancer, Azure Firewall, Log Analytics, Cosmos DB, SQL Managed Instance, Data Lake Storage, Azure Bastion, Azure Purview.
  • Policy Enforcement: Implement security policies, controls, and guardrails to ensure compliance with industry standards and best practices.
  • Incident Management: Lead incident response efforts for cloud-related security events, acting as incident commander when necessary to swiftly contain and remediate security incidents.
  • Threat Analysis: Stay current on the latest trends in cloud attacks, including tactics, techniques, and procedures (TTPs) used by advanced persistent threats (APTs) and other sophisticated adversaries.
  • Compliance Assurance: Ensure our cloud environments meet SOC2 and ISO 27001 compliance standards through rigorous security practices and regular audits.
  • Collaborative Defense: Work closely with the Cyber Security Operations team and MDR providers to develop and implement detection mechanisms for identifying and mitigating potential threats.

Desired Experience:

  • Technical Expertise: Minimum of 2 years of experience working in AWS and Azure, with a strong understanding of cloud security architectures and best practices.
  • Cybersecurity Experience: At least 5 years of experience in cybersecurity or compliance, with a focus on cloud environments.
  • Certifications: AWS or Azure security certifications are preferred but not required. Operational experience and a proven track record in securing cloud environments are highly valued.
  • Web Application Security: Familiarity with Web or Crypto applications and experience securing and pen testing them is preferred.

Soft Skills and Traits:

  • Analytical Thinking: Thinking like an attacker, anticipating potential attack vectors, and developing effective countermeasures.
  • Communication: Strong communication skills to effectively collaborate with team members, stakeholders, and external partners.
  • Problem-solving: Excellent problem-solving skills to address complex security challenges and develop innovative solutions.
  • Attention to Detail: Detail-oriented with a focus on accuracy and thoroughness in security practices and documentation.
  • Proactivity: Proactive and self-motivated with the ability to work independently and take ownership of security initiatives.
  • Organizational Skills: Strong organizational skills to manage multiple projects and priorities, ensuring timely and effective execution.
  • Composure Under Pressure: Ability to remain calm and decisive under pressure, particularly during security incidents.

Company Culture: Our client values innovation, security, and collaboration. Our team is dedicated to maintaining a secure environment and staying ahead of emerging threats. Fostering a supportive and dynamic work culture where employees can thrive and contribute to the mission.

Not the right fit?

Register with us and sign up for job alerts.

Ready to take the next step as

Cloud Cybersecurity Engineer?