Multi-cloud Security Engineer

Multi-cloud Security Engineer-GCP

Overview of the Team:

The Cloud Security team is responsible for securely enabling the
use of cloud technologies to support the firms desire to leverage cloud-nativeservices at enterprise scale. The Cloud Security team designs the securityrequirements that must be adhered to in the cloud, as well as builds thetooling and automation needed to provide enterprise capabilities to protect thefirm and make securing workloads easier for application teams. The team workswith multiple cloud providers and is currently looking for an experiencedmulti-cloud Security Engineer with a focus on Google Cloud Platform. familiarwith multiple cloud concepts, cloud services, and programming languages. Theteam this engineer will join implements security controls into our cloudplatforms (detective, preventative, and corrective) and owns platforms used tofurther secure our cloud footprint. This team also works to enable the SecurityOperations teams to extend their enterprise security functions to the cloudenvironments.

Primary Responsibilities:

1. Developing,
testing, and deploying Public Cloud Controls across the firms.

2. Providing
security recommendations and solutions for migrating and new applications inthe Customer environment to Azure, AWS, with a focus on GCP platforms.

3. Serve as a
subject matter expert for security tools, DevOps practices across all majorCloud Providers.

4. Implement
and manage GCP security controls.

5. Working
closely with vendors and partner squads to develop, deploy, and test Cloudsecurity services.

6. Respond to
Cloud security drifts in a timely manner and work with the stakeholders toremediate the drifts.

7. integrating,
configuring, documenting, and deploying compliant infrastructure and supportingservices in the Cloud platform.

8. Troubleshooting
problems, analyzing root cause, and (where possible) fixing bugs introduced byowned or managed security solutions.

9. Collaborate
with Risk Management, Security Architecture, and Cyber Incident Response teamsto ensure necessary controls for Cloud services are deployed and tested. Workin a globally distributed team to provide innovative and robust Cloud-centricsolutions.

Required Skills:

1. 5+ years of
experience in software and/or cloud platform engineering, particularly focusedon GCP environment.

2. Knowledge
of the Shared Responsibility Model; keen understanding of the security risksinherent in hosting cloud-based applications and data.

3. Experience
developing across the security assurance lifecycle (including prevent, detect,respond, and remediate controls)Experience in configuring Public Cloud nativesecurity tooling and capabilities with a focus on Google Cloud Organizationalpolicies/constraints, VPC SC, IAM policies and GCP APIs.

4. Experience
with Cloud Security Posture Management (CSPM) 3rd Party tools such as Wiz,Prisma, Check Point CloudGuard, etc.

5. Experience
in Policy-as-code (Rego) and OPA platform.

6. Experience
solutioning and configuring event-driven serverless-based security controls inAzure, including but not limited to technologies such as Azure Function,Automation Runbook, AWS Lambda and Google Cloud Functions.

7. Deep
understanding of DevOps processes and workflows.

8. Working
knowledge of the Secure SDLC process

9. Experience
with Infrastructure as Code (IaC) tooling, preferably Terraform.

10. Familiarity
with Logging and data pipeline concepts and architectures in cloud.

11. Strong in
scripting languages such as PowerShell or Python or Bash or Go.

12. Knowledge
of Agile best practices and methodologies

13. Experience
creating technical architecture documentation.Excellent communication,written and interpersonal skills.

14. Practical
experience in designing and configuring CICD pipelines. Practical experiencein GitHub Actions and Jenkins.

15. Experience
in ITSM.

16. Ability to
articulate complex technical concepts to non-technical stakeholders.

17. Experience
with risk control frameworks and engagements with risk and regulatory functions

18. Experience
in the financial industry would be a plus.