Support.com
Cloud Security Engineer Dallas or Detroit metro
Support.com, Auburn Hills, Michigan, United States, 48326
Description
The Cloud Security Engineer plays a vital role in supporting Comerica's cloud security posture by assisting in the monitoring, analysis, and protection of cloud-based infrastructure and services. This role involves working with cloud security tools, including AWS GuardDuty, CloudTrail, CloudWatch, and CNAPP. The engineer will develop and implement security processes and solutions to protect cloud environments, ensuring ongoing assessment and compliance with security guidelines across the enterprise computing landscape.
Position Responsibilities:
Cloud Security Monitoring
Perform investigations by analyzing logs and services relevant to the cloud provider. Design, implement, and support secure cloud architecture across platforms like AWS, Azure, and GCP. Support cloud scanning and monitoring coverage evaluation. Enhance SIEM tools, supporting design, build, test, and deployment. Develop and maintain operational playbooks for cloud incidents. Communicate findings and recommendations effectively to technical and non-technical stakeholders. Assess and recommend cloud security best practices, tools, and technologies. Propose changes to technical design solutions as needed. Maintain documentation for procedures and incidents. Prepare and present security reports and dashboards to management.
Security Automation & Tools Implementation
Develop and integrate automated security solutions to improve coverage and efficiency. Maintain scripts and processes to streamline security operations. Collaborate with other departments on initiatives to meet organizational goals. Participate in planning to meet business and operational needs. Contribute to project teams on system architecture and design, ensuring alignment with strategies and principles.
Risk Management, Compliance, and Regulatory Adherence
Ensure cloud infrastructure compliance with industry regulations (e.g., SOX, SOC 2, PCI-DSS, FFIEC, GLBA). Participate in audits and assessments related to cloud security and compliance. Test and analyze procedures for emergency preparedness. Engage in threat modeling and security exercises like purple team and tabletop exercises. Conduct security assessments with vendors and third parties. Support monitoring rule creation within CNAPP tools and provide updates. Provide evidence of controls and policy gap monitoring.
Administration and Communication
Manage security tools like AWS GuardDuty and Security Hub. Track and report on security metrics and KPIs. Maintain security documentation and reports for stakeholders. Work closely with cloud engineering teams to embed security controls. Design projects of low to medium complexity. Perform other duties as assigned.