Cloud Engineer - San Mateo, United States - LanceSoft

    LanceSoft
    LanceSoft San Mateo, United States

    2 weeks ago

    Default job background
    Description
    Job Title: Cloud Security Engineer
    Location: Foster City, CA
    Duration: 6+ Months

    Description:
    • The client is seeking an experienced Cloud Security Engineer, who will be responsible for helping ensure the security of our customers, staff, systems, communications, and data.
    • The Cloud Security Engineer will support the implementation, maintenance and upkeep of cloud security systems within AWS. This includes auditing and hardening existing AWS implementations, implementing network access controls, architecting, and implementing AWS solutions with a "zero trust" mindset.
    • The Cloud Security Engineer will be a key contributor to architecture, design, and implementation work as we mature Client's Cloud security programs, processes, and practices.
    • This role requires a combination of technical, communication, and soft skills to be successful.
    • The Cloud Security Role requires collaboration with members of the Information Security, IT, Product, and Operations teams. Experience with change management and a focus on customer experience as a key component of measuring success is a must.
    • This role will work directly with senior Cloud Engineering and InfoSec Engineering resources on a regular basis.
    Responsibilities:
    • Best Practice assessments and implementations within AWS
    • Review existing AWS configurations and provide account and org level hardening recommendations.
    • Participate in Vulnerability Management
    • Improve Network Security within AWS - Network ACLs,
    • Security Groups, WAF, VPC Flow monitoring, etc
    • Security Change & Compliance Automation - implement an IaC approach where possible.
    • Documentation of existing environments (topologies)
    Qualifications:
    • 6+ years of Cloud Security Engineer experience supporting production cloud environments in AWS.
    • 6+ years of IT systems/application engineering/administration experience
    • Strong understanding of AWS and AWS constructs such as TGW, GWLB, etc
    • Strong understanding of OSI model - all layers
    • Strong understanding of Layer-7 protection techniques relevant to network security
    • Ability to use Infrastructure as Code Tools (Terraform preferred)
    • Ability to use programming languages (python, golang preferred)
    Nice to have:
    • Experience using CI/CD to deploy Infrastructure as code, along with utilization of tools similar to Open Policy Agent to enforce policy before deployment.