Minnesota Staffing
Cloud Security Engineer - GCP
Minnesota Staffing, Minneapolis, Minnesota, United States, 55400
Cloud Security Engineer - GCP
Surescripts serves the nation through simpler, trusted health intelligence sharing, in order to increase patient safety, lower costs and ensure quality care. The Cloud Security Engineer - GCP helps deploy and operate the security infrastructure that aligns with business needs. The Cloud Security Engineer is responsible for supporting operational innovation and providing security direction to the business to elevate the company's security posture within its cloud, on-premise, and SaaS infrastructure. Along with security leadership, the Cloud Security Engineer will consistently assess the threat landscape and adapt quickly to protect the business from risk. Responsibilities: Assist in developing and maintaining secure, resilient enterprise-grade cloud processes in collaboration with architects, platform, and infrastructure engineers. Support the security of business applications and computing environments across commercial, private, SaaS, or hybrid cloud infrastructures. Help protect business applications in compliance with privacy, security, business resiliency, and compliance frameworks as defined in corporate policies. Maintain a consistent, secure cloud security environment. Conduct oversight of security systems and security configuration administration to reduce risk to enterprise systems and accounts. Implement and maintain security controls and monitoring for Surescripts infrastructure and applications. Support incident detection and response efforts across all Surescripts systems and infrastructure. Assist in the deployment and implementation of Security Tools and Agents across all Surescripts Infrastructure. Monitor, assess, and recommend tactical initiatives based on new and emerging threats posing risk to cloud computing environments. Support remediation efforts after security assessment findings identify weaknesses requiring attention. Document and enforce areas of security improvement that balance risk with business operations and do not diminish efficiencies or innovation. Assist in maintaining oversight with cloud computing vendors and solution providers to safeguard against undue risk presented by external entities. Escalate to security management and business unit leads when points of weakness are discovered. Stay apprised of current and proposed security changes impacting regulatory, privacy, and security industry best practice guidance. Apply learned knowledge across key lines of business, including products, practices, and procedures. Serve as a resource in incident response to track occurrence and resolution, with documentation and reporting as well as engagement with security operations and incident response teams. Attend and engage in change and project management meetings. Produce security metrics for security and business leaders. Participate in cross-training to ensure business continuity. Perform other duties as assigned. Qualifications: Basic Requirements: Bachelor's degree in computer science, information systems, MIS or related field, or equivalent experience. 2+ years of experience in progressive, related experience in cybersecurity as a practitioner 1+ years of experience with Google Cloud Platform (GCP) Strong Linux and Windows support skills. Experienced in cloud networking architecture and cloud operations. Familiarity with tools such as Git, Jenkins, Chef, Puppet and Salt. Network and encryption experience, including virtual private networks (VPNs), IPsec, SSL/TLS, LDAP and public key infrastructure (PKI). Familiarity with security solutions such as Crowdstrike, Tenable, XSOAR, Proofpoint, Forcepoint, Splunk Experience with scripting languages such as Python, PowerShell and JavaScript. Experience and understanding of various regulatory requirements and laws, including but not limited to: HiTrust, HIPAA, NIST. Up-to-date understanding of a wide range of incident response, system configuration, vulnerability management and hardening guidelines. Cyber security experience and proficiency in: API's, infrastructure layers, hardware, OS, virtualization, storage, network, database and other related systems and technologies, information security risk and vulnerability remediation, automation and scripting, network monitoring, malware protection and analysis, intrusion detection and SIEM systems. Solid understanding of data security requirements, policies, compliance, auditing and regulatory processes. Preferred Qualifications: Holds or working toward one or more: CCSP, CISSP, GCP Certification. Keywords: incident response, cloud security, GCP, Google SecOps, Google Chronicle, SIEM, Splunk
Surescripts serves the nation through simpler, trusted health intelligence sharing, in order to increase patient safety, lower costs and ensure quality care. The Cloud Security Engineer - GCP helps deploy and operate the security infrastructure that aligns with business needs. The Cloud Security Engineer is responsible for supporting operational innovation and providing security direction to the business to elevate the company's security posture within its cloud, on-premise, and SaaS infrastructure. Along with security leadership, the Cloud Security Engineer will consistently assess the threat landscape and adapt quickly to protect the business from risk. Responsibilities: Assist in developing and maintaining secure, resilient enterprise-grade cloud processes in collaboration with architects, platform, and infrastructure engineers. Support the security of business applications and computing environments across commercial, private, SaaS, or hybrid cloud infrastructures. Help protect business applications in compliance with privacy, security, business resiliency, and compliance frameworks as defined in corporate policies. Maintain a consistent, secure cloud security environment. Conduct oversight of security systems and security configuration administration to reduce risk to enterprise systems and accounts. Implement and maintain security controls and monitoring for Surescripts infrastructure and applications. Support incident detection and response efforts across all Surescripts systems and infrastructure. Assist in the deployment and implementation of Security Tools and Agents across all Surescripts Infrastructure. Monitor, assess, and recommend tactical initiatives based on new and emerging threats posing risk to cloud computing environments. Support remediation efforts after security assessment findings identify weaknesses requiring attention. Document and enforce areas of security improvement that balance risk with business operations and do not diminish efficiencies or innovation. Assist in maintaining oversight with cloud computing vendors and solution providers to safeguard against undue risk presented by external entities. Escalate to security management and business unit leads when points of weakness are discovered. Stay apprised of current and proposed security changes impacting regulatory, privacy, and security industry best practice guidance. Apply learned knowledge across key lines of business, including products, practices, and procedures. Serve as a resource in incident response to track occurrence and resolution, with documentation and reporting as well as engagement with security operations and incident response teams. Attend and engage in change and project management meetings. Produce security metrics for security and business leaders. Participate in cross-training to ensure business continuity. Perform other duties as assigned. Qualifications: Basic Requirements: Bachelor's degree in computer science, information systems, MIS or related field, or equivalent experience. 2+ years of experience in progressive, related experience in cybersecurity as a practitioner 1+ years of experience with Google Cloud Platform (GCP) Strong Linux and Windows support skills. Experienced in cloud networking architecture and cloud operations. Familiarity with tools such as Git, Jenkins, Chef, Puppet and Salt. Network and encryption experience, including virtual private networks (VPNs), IPsec, SSL/TLS, LDAP and public key infrastructure (PKI). Familiarity with security solutions such as Crowdstrike, Tenable, XSOAR, Proofpoint, Forcepoint, Splunk Experience with scripting languages such as Python, PowerShell and JavaScript. Experience and understanding of various regulatory requirements and laws, including but not limited to: HiTrust, HIPAA, NIST. Up-to-date understanding of a wide range of incident response, system configuration, vulnerability management and hardening guidelines. Cyber security experience and proficiency in: API's, infrastructure layers, hardware, OS, virtualization, storage, network, database and other related systems and technologies, information security risk and vulnerability remediation, automation and scripting, network monitoring, malware protection and analysis, intrusion detection and SIEM systems. Solid understanding of data security requirements, policies, compliance, auditing and regulatory processes. Preferred Qualifications: Holds or working toward one or more: CCSP, CISSP, GCP Certification. Keywords: incident response, cloud security, GCP, Google SecOps, Google Chronicle, SIEM, Splunk