Cloud Security Engineer

Job Description

About the jobDesigns. Develops, secures, and maintains the security stack of the cloud infrastructure to support business needs of our Cyber Clients. Defines various Cloud Security models and provides security consultation in terms of pre and post sales activities within Paratus Cloud Cyber Services for clients. Helps our clients in ensuring applications are secure while supporting business initiatives. Utilizes advanced knowledge and trouble shooting skills to assist with the planning, designing, and implementing of procedures and ongoing maintenance of our clients cloud security infrastructure.Collaborates with our Cyber Delivery Head and our Executive leadership to consistently promote our services across various clients through various cloud security assessments.Essential Duties and Responsibilities

• Designs, Develops, secures, and maintains a resilient enterprise-grade cloud security stack in tandem with client security and operations team.
• Maintains a consistent, secure environment using configuration management solutions. Conduct rigorous oversight of security systems and security configuration administration to reduce risk to enterprise systems and accounts.
• Manages and maintains cloud Security Incident and Event Management (SIEM) and work closely with our cloud SIEM provider and Managed Security Service Provider (MSSP) to capture logs and security events from cloud infrastructure and applications.
• Administers the Application Programming Interface (API) management tool to ensure APIs are securely implemented and managed and work with Software as a service (SaaS) security posture management solution.
• Assists with development, maintenance, and utilization of scripts (e.g., Python, Ruby, etc.) to support custom extracts, and transform load (ETL) tools, with a security focus for the data flow.
• Leads and conducts analysis of clients cloud infrastructure to detect security gaps or deficiencies in the cloud environment; recommends and implements solutions for improvements.
• Strong MSSP experience in securing business applications and computing environments across public, private or hybrid cloud infrastructures. Documents, formulates, and enforces areas of security improvement that balance risk with business operations without impacting efficiencies or innovation.
• Actively monitors, assesses, and recommends tactical and strategic initiatives based on new and emerging threats posing risk to clients cloud computing environments. Manages remediation efforts after security assessment findings outline weaknesses requiring attention.
• Conducts various assessments on the clients security systems to detect and prevent security breaches; monitors network and server intrusion detection systems; conducts vulnerability assessments and identifies areas for improved security management.
• Develops, recommends, implements, and manages a variety of Clients cloud security management policies, protocols, systems and tools, rogue wireless access point detection and Web content filters; network security policies and remote access standards guidelines; ensuring compliance with local GCC regulations.
• Serves as expert consultant for all clients cloud security related matters. Evaluates problems, identifies root causes; coordinates resources determine temporary measures and/or permanent solutions, and recommends and/or implements measures to restore full service.
• Installs, configures, tests, and implements system monitoring and management software tools; monitors system alerts, events, changes and activities that may impact performance or security; researches, troubleshoots and resolves complex system errors, failures and other problems.
• Acts as a key figure in incident response to track occurrence and resolution, with strict documentation and reporting as well as engagement with our Managed Security Operations and incident response teams.

Education and Technical ExperienceTo perform this job satisfactorily, an employee must be able to carry out each essential duty competently. The requirements listed below are representative of the education, experience, skills, and abilities required.

• 4 Year / bachelors degree - Information Security, Information Assurance, Information Systems, Computer Science or a closely related field Required.
• 5+ Years of Relevant Experience in Cloud Security (MS Sentinel, MS Defender,
• Holds or working towards one or more certifications including, CCSP (Certified Cloud Security Professional), AWS and Microsoft Security Certification, or similar Required.
• Experience in cloud computing technologies, including software, infrastructure, and platform-as-a-service, as well as public, private and hybrid environments - Required.
• Experience in cloud networking architecture and cloud operations, with cloud access security broker (CASB) experience. - Required
• Experience in (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, and firewalls, in addition to newer offerings such as endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, deception technologies and application controls - Required.

Extensive knowledge of cloud security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention

Keyskills :
Cloud Security Identity And Access Management Firewalls AWS Ccsp Idam Pki Cloud Operations Private Software public key infrastructure IDS/IPS EDR Public Infrastructure

About Company

Cresco Holding Ltd