University Hospitals
Overview
Cloud Security Engineer - (23000FK6) Position Summary
The Cloud Security Engineer (CSE) should be hands-on in all aspects of Azure security including implementing security controls and threat protection, manage identity and access management, defining organizational structure and policies, using Azure technologies in order to provide data protection, configuring network security defenses, collecting and analyzing Azure logs, managing incident responses, and an understanding of regulatory concerns. As a Cloud Security Engineer you design and implement a secure end-to-end infrastructure on Azure in a hybrid cloud setup.
Responsibilities
Monitor security events daily, performing investigations and working with appropriate team members, business teams and Technology teams to develop solutions that address critical security concerns
Maintain and improve the security posture of the Azure platform, identifying, and remediating vulnerabilities by using a variety of security tools
Provide cyber security expertise in the analysis, assessment, development, and evaluation of security solutions and architectures to secure applications, operating systems, databases, and networks
Implement and configure security controls and policies, manage access to data, and monitor threats to ensure that apps, containers, infrastructure, and networks are protected
Implementing threat protection and responding to security incident escalations
Automate security controls, data, and processes to provide better metrics and operational support using security-as-code
Configure access within a cloud solution environment using the defense-in-depth principle
Configure network security including in a hybrid context with traditional network centric controls and ensure data protection
Manage operations within a cloud solution environment such as operations tasks, using cloud native tools, like Log Analytics, Azure Monitor and Azure Security Center or other monitoring tooling
Support our cloud engineers to implement security best-practices and enable secure development and release processes
Deep understanding of configuring security policies and securing applications and data
Qualifications Education
Bachelor's Degree in Information Technology, Computer Science, or a related field Required
Work Experience
5+ years IT security experience Required
3+ years building and maintaining secure Azure cloud solutions and tools (Azure Monitor, Log Analytics, Azure Security Center) Required
Knowledge, Skills, & Abilities
Understand agile and DevOps concepts in a security context such as “trust but verify”, central vs decentral controls, make agile teams as autonomous as possible while ensuring the teams adhere to the NonFunctional-Requirements
A deep understanding of networking, e.g. IP subnetting, Network Security Groups, routing, Azure Firewall, ExpressRoute, load balancer, DNS
Strong familiarity with cloud capabilities and products and services for Azure, e.g. Azure Active Directory
Privileged Identity Management, VMs, Container Registry, Azure Kubernetes Services (AKS), Data Services, KeyVault
Have the intrinsic quality to want to continuously improve and do better
Hands-on and can-do mentality
Feeling of ownership
Good communication and presentation skills
Team player
Able to express ideas effectively in individual and group situations
Able to execute a task in a good manner and with good results with limited supervision
Strong skills in scripting and automation, Infrastructure-as-Code and using CI/CD concepts
Experience with pipeline tooling for automated deployments and applying security controls
Experience with infrastructure orchestration tools such as Terraform and other cloud-specific infrastructure automation tools (Azure Resource Manager, Google Cloud Deployment Manager) to automate the creation of staging, testing and production environments
Work experience from large, international companies and have dealt with or worked for global service providers
Licenses and Certifications
Certified Information System Security Professional (CISSP) Preferred
Certified Ethical Hacker (CEH) Preferred
Additional Licenses and Certifications
Microsoft Azure Security related certifications Microsoft Certified: Azure Security Engineer Associate, Microsoft Certified: Information Protection Administrator Associate, or Microsoft Certified: Security Operations Analyst Associate) Preferred
Certified Cloud Security Professional (CCSP) Preferred
Certificate of Cloud Security Knowledge (CCSK) Preferred
Global Information Assurance Certification (GIAC) Preferred
Physical Demands
Standing Occasionally
Walking Occasionally
Sitting Constantly
Lifting Rarely 20 lbs
Carrying Rarely 20 lbs
Pushing Rarely 20 lbs
Pulling Rarely 20 lbs
Climbing Rarely 20 lbs
Balancing Rarely
Stooping Rarely
Kneeling Rarely
Crouching Rarely
Crawling Rarely
Reaching Rarely
Handling Occasionally
Grasping Occasionally
Feeling Rarely
Talking Constantly
Hearing Constantly
Repetitive Motions Frequently
Eye/Hand/Foot Coordination Frequently
#J-18808-Ljbffr
Cloud Security Engineer - (23000FK6) Position Summary
The Cloud Security Engineer (CSE) should be hands-on in all aspects of Azure security including implementing security controls and threat protection, manage identity and access management, defining organizational structure and policies, using Azure technologies in order to provide data protection, configuring network security defenses, collecting and analyzing Azure logs, managing incident responses, and an understanding of regulatory concerns. As a Cloud Security Engineer you design and implement a secure end-to-end infrastructure on Azure in a hybrid cloud setup.
Responsibilities
Monitor security events daily, performing investigations and working with appropriate team members, business teams and Technology teams to develop solutions that address critical security concerns
Maintain and improve the security posture of the Azure platform, identifying, and remediating vulnerabilities by using a variety of security tools
Provide cyber security expertise in the analysis, assessment, development, and evaluation of security solutions and architectures to secure applications, operating systems, databases, and networks
Implement and configure security controls and policies, manage access to data, and monitor threats to ensure that apps, containers, infrastructure, and networks are protected
Implementing threat protection and responding to security incident escalations
Automate security controls, data, and processes to provide better metrics and operational support using security-as-code
Configure access within a cloud solution environment using the defense-in-depth principle
Configure network security including in a hybrid context with traditional network centric controls and ensure data protection
Manage operations within a cloud solution environment such as operations tasks, using cloud native tools, like Log Analytics, Azure Monitor and Azure Security Center or other monitoring tooling
Support our cloud engineers to implement security best-practices and enable secure development and release processes
Deep understanding of configuring security policies and securing applications and data
Qualifications Education
Bachelor's Degree in Information Technology, Computer Science, or a related field Required
Work Experience
5+ years IT security experience Required
3+ years building and maintaining secure Azure cloud solutions and tools (Azure Monitor, Log Analytics, Azure Security Center) Required
Knowledge, Skills, & Abilities
Understand agile and DevOps concepts in a security context such as “trust but verify”, central vs decentral controls, make agile teams as autonomous as possible while ensuring the teams adhere to the NonFunctional-Requirements
A deep understanding of networking, e.g. IP subnetting, Network Security Groups, routing, Azure Firewall, ExpressRoute, load balancer, DNS
Strong familiarity with cloud capabilities and products and services for Azure, e.g. Azure Active Directory
Privileged Identity Management, VMs, Container Registry, Azure Kubernetes Services (AKS), Data Services, KeyVault
Have the intrinsic quality to want to continuously improve and do better
Hands-on and can-do mentality
Feeling of ownership
Good communication and presentation skills
Team player
Able to express ideas effectively in individual and group situations
Able to execute a task in a good manner and with good results with limited supervision
Strong skills in scripting and automation, Infrastructure-as-Code and using CI/CD concepts
Experience with pipeline tooling for automated deployments and applying security controls
Experience with infrastructure orchestration tools such as Terraform and other cloud-specific infrastructure automation tools (Azure Resource Manager, Google Cloud Deployment Manager) to automate the creation of staging, testing and production environments
Work experience from large, international companies and have dealt with or worked for global service providers
Licenses and Certifications
Certified Information System Security Professional (CISSP) Preferred
Certified Ethical Hacker (CEH) Preferred
Additional Licenses and Certifications
Microsoft Azure Security related certifications Microsoft Certified: Azure Security Engineer Associate, Microsoft Certified: Information Protection Administrator Associate, or Microsoft Certified: Security Operations Analyst Associate) Preferred
Certified Cloud Security Professional (CCSP) Preferred
Certificate of Cloud Security Knowledge (CCSK) Preferred
Global Information Assurance Certification (GIAC) Preferred
Physical Demands
Standing Occasionally
Walking Occasionally
Sitting Constantly
Lifting Rarely 20 lbs
Carrying Rarely 20 lbs
Pushing Rarely 20 lbs
Pulling Rarely 20 lbs
Climbing Rarely 20 lbs
Balancing Rarely
Stooping Rarely
Kneeling Rarely
Crouching Rarely
Crawling Rarely
Reaching Rarely
Handling Occasionally
Grasping Occasionally
Feeling Rarely
Talking Constantly
Hearing Constantly
Repetitive Motions Frequently
Eye/Hand/Foot Coordination Frequently
#J-18808-Ljbffr