A bit about us:
Nonprofit Research 'Think Tank' Organization
Why join us?
Great Benefits:
Medical, Dental, Vision
9 paid holidays
20 Days of PTO per year
9 sick days per year
Wellness Programs
Health Flex Spending Account
Dependent Car Flex Spending Account
Care@Work - care.com
Short Term and Long Term Disability
Maternity, Parent, Caregiver Leave
Life Insurance
Adoption Assistance Reimbursement
Tuition Reimbursement
401(a) - 20% vested after 2 years, 50% after 3 years, %100 vested after 4 years
Medical, Dental, Vision
9 paid holidays
20 Days of PTO per year
9 sick days per year
Wellness Programs
Health Flex Spending Account
Dependent Car Flex Spending Account
Care@Work - care.com
Short Term and Long Term Disability
Maternity, Parent, Caregiver Leave
Life Insurance
Adoption Assistance Reimbursement
Tuition Reimbursement
401(a) - 20% vested after 2 years, 50% after 3 years, %100 vested after 4 years
Job Details
Seeking an experienced Information Security Engineer, Cloud with a strong background in both cybersecurity and a cloud-based infrastructure and software services to join the Information Security Architecture and Engineering team.
This position is a cyber security engineer with recent experience architecting and designing security of infrastructure and software-based cloud services. They will work closely with the applications and operations teams as well as others on the cyber engineering team to define cloud security standards based on best practices and prior experience. They will also be responsible for mentoring all interested stakeholders on cloud security best practices. Ideally they will have experience in AWS, Azure and Google Cloud Platform – though all is not necessary and experience securing software as a service (SaaS) services like Workday, Salesforce, Office 365, etc. They will also lead the engineering aspect of our cloud vetting practice, partnering with other cyber engineers.
**Security clearance will be required upon hire
Duties and Responsibilities
The following duties and responsibilities will be expected of the position:
Position Qualifications
Preferred Skills
o Network, data flow, process, and sequence diagrams
o Cloud orchestration technologies including such as AWS CloudFormations, Azure Kubernetes, and Durable Orchestration
o Cloud security implementations including identity management, API logging,
o Hybrid cloud security platforms such as Armor Anywhere and Cloudvisory
o Identity and access management, authentication, repudiation, MFA, use of tokens and smartcard technology
o Prior experience with firewall systems, architectures, design, and configuration as well as IPS, proxies, Web Access Firewalls, and related systems
o Network concepts such as DNS, TCP/UDP, MPLS, SD-WAN, TLS, OSI layers, 802.1x
o Network diagnostics including tracing, packet capture and analysis
o Encryption standards, key management, and PKI implementations
o Requirements’ definition, gap analysis and technology assessment and selection
Minimum Experience, Other Success Criteria
o A minimum of 5 years experience in engineering and cyber deterrence with 3 years’ experience in cloud security
o Experience designing, implementing, and maintaining cybersecurity configurations in network, boundary appliances or application services
o Knowledge of cybersecurity regulations and standards including NIST, PCI, or ISO 27001 security controls in complex enterprise environments
o Understanding of capabilities central to securing enterprise networks including end point protection, detection and response services, network intrusion detection and prevention systems, behavior-based malware detection, and memory forensics
Stand-out qualifications
o Experience with software-defined networks, zero trust networks and cloud security
o Experience designing the security framework for a multi-account/multi-tenant cloud environment in AWS, Azure or GCP to ensure best practices are applied across all deployed services
o Implementation of Automation and orchestration for the continuous integration and delivery of cyber services
o Cyber forensic investigations and diagnosing indicators of compromise
o Industry engagement such as ND-ISAC, DIB, RSA, Blackhat and others
EDUCATION AND CERTIFICATIONS
A Bachelor’s Degree in Computer Science or equivalent field of study
Additional consideration given for one or more IT and Cyber Security certifications such as AWS Certified Security, Azure Security Engineer Associate, CSK, CCSP, CISSP, CISA, GCSA, and Security+
This position is a cyber security engineer with recent experience architecting and designing security of infrastructure and software-based cloud services. They will work closely with the applications and operations teams as well as others on the cyber engineering team to define cloud security standards based on best practices and prior experience. They will also be responsible for mentoring all interested stakeholders on cloud security best practices. Ideally they will have experience in AWS, Azure and Google Cloud Platform – though all is not necessary and experience securing software as a service (SaaS) services like Workday, Salesforce, Office 365, etc. They will also lead the engineering aspect of our cloud vetting practice, partnering with other cyber engineers.
**Security clearance will be required upon hire
Duties and Responsibilities
The following duties and responsibilities will be expected of the position:
- Design and manage boundary and interior network controls including network security groups, network access controls, cloud firewalls, virtual networks, and gateways,
- Define security best practices for the infrastructure, platform, and software as a service solution
- Collaborate with the information assurance management to audit the security practices of or cloud service providers to make recommendations on security configurations and the appropriateness of use of these services for processing company information,
- Contribute to the development and maturation of the cybersecurity strategy and roadmap,
- Develop automated orchestration routines to ensure ongoing protection of cloud services,
- Identify, select, and deploy emerging cloud and hybrid cloud security services across cloud services
- Diagnose and troubleshoot cyber-related network and system performance deficiencies,
- Apply engineering principles to the management of company cyber infrastructure services,
- Self-motivated and fully responsible for leading technology deliverables, analyzing gaps and driving improvements to cyber-deterrence capabilities,
- Provide input to security policies and standards in accordance with changes in regulations, best practices, industry trends or controls required by contracts and grants.
Position Qualifications
Preferred Skills
o Network, data flow, process, and sequence diagrams
o Cloud orchestration technologies including such as AWS CloudFormations, Azure Kubernetes, and Durable Orchestration
o Cloud security implementations including identity management, API logging,
o Hybrid cloud security platforms such as Armor Anywhere and Cloudvisory
o Identity and access management, authentication, repudiation, MFA, use of tokens and smartcard technology
o Prior experience with firewall systems, architectures, design, and configuration as well as IPS, proxies, Web Access Firewalls, and related systems
o Network concepts such as DNS, TCP/UDP, MPLS, SD-WAN, TLS, OSI layers, 802.1x
o Network diagnostics including tracing, packet capture and analysis
o Encryption standards, key management, and PKI implementations
o Requirements’ definition, gap analysis and technology assessment and selection
Minimum Experience, Other Success Criteria
o A minimum of 5 years experience in engineering and cyber deterrence with 3 years’ experience in cloud security
o Experience designing, implementing, and maintaining cybersecurity configurations in network, boundary appliances or application services
o Knowledge of cybersecurity regulations and standards including NIST, PCI, or ISO 27001 security controls in complex enterprise environments
o Understanding of capabilities central to securing enterprise networks including end point protection, detection and response services, network intrusion detection and prevention systems, behavior-based malware detection, and memory forensics
Stand-out qualifications
o Experience with software-defined networks, zero trust networks and cloud security
o Experience designing the security framework for a multi-account/multi-tenant cloud environment in AWS, Azure or GCP to ensure best practices are applied across all deployed services
o Implementation of Automation and orchestration for the continuous integration and delivery of cyber services
o Cyber forensic investigations and diagnosing indicators of compromise
o Industry engagement such as ND-ISAC, DIB, RSA, Blackhat and others
EDUCATION AND CERTIFICATIONS
A Bachelor’s Degree in Computer Science or equivalent field of study
Additional consideration given for one or more IT and Cyber Security certifications such as AWS Certified Security, Azure Security Engineer Associate, CSK, CCSP, CISSP, CISA, GCSA, and Security+
Jobot is an Equal Opportunity Employer. We provide an inclusive work environment that celebrates diversity and all qualified candidates receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
Sometimes Jobot is required to perform background checks with your authorization. Jobot will consider qualified candidates with criminal histories in a manner consistent with any applicable federal, state, or local law regarding criminal backgrounds, including but not limited to the Los Angeles Fair Chance Initiative for Hiring and the San Francisco Fair Chance Ordinance.
Sometimes Jobot is required to perform background checks with your authorization. Jobot will consider qualified candidates with criminal histories in a manner consistent with any applicable federal, state, or local law regarding criminal backgrounds, including but not limited to the Los Angeles Fair Chance Initiative for Hiring and the San Francisco Fair Chance Ordinance.