- Collaborate with the Security Architecture and Governance and Compliance team to develop cloud security architecture and maturity standards.
- Evaluate and respond to alerts from security tools, fine-tuning configurations to minimize false positives.
- Develop compliance management documentation and processes for the Security Operations Center (SOC).
- Own, manage, and mature posture management solutions.
- Work closely with Cloud Operations teams to define and implement security standards and best practices.
- Design and deploy self-service security solutions within our cloud infrastructure.
- Design, Implement, and automate security controls, data protection, and encryption mechanisms.
- Leverage REST APIs for various security-related tasks, including incident response, vulnerability management, and threat intelligence.
- Write network/system-level tools to safeguard cloud environments using cloud-based APIs.
- Make and implement recommendations for security best practices and improvements to solutions and services.
- Collaborate with functional-area architects and security specialists to ensure adequate security solutions across all IT systems and cloud platforms.
- Stay informed about industry trends, emerging threats, and best practices.
- College degree in technology / sciences or equivalent work experience.
- Familiarity with Amazon Web Services (AWS), Azure, or Google Cloud Platform (GCP).
- Knowledge of cloud security services and best practices.
- Minimum 5-7 years' experience with emphasis on cloud security and system administration.
- Deep understanding of network security best practices, including securely establishing connections to on-prem and cloud resources based on a zero-trust model.
- Proficient with scripting in languages such as Python and PowerShell.
- Detailed understanding of interacting with APIs.
- Understanding of NIST, OWASP, CIS, CVSS, the MITRE ATT&CK framework and the secure software development lifecycle.
- CCSK, CCSP, CISSP or equivalent security credential preferred.
- Strong communication skills required.
- Ability to collaborate with a wide audience of stakeholders regarding business objectives, priorities, and impact of proposed changes.
- Ability to think both strategically and tactically and be recognized as a thought leader within the security group.
- Familiarity with CI/CD tools such as Terrafrom, Nexus, Git/Stash, Jenkins, VMware vRealize Automation (or VCD), Packer, Vagrant, Docker, and Sonar preferred.
- Understanding of network protocols, firewalls, and VPNs preferred.
- Motivated Self-starter, problem solver.
Cloud Security Engineer - Cincinnati, United States - Great American Insurance Group
Description
This position is a new role within the Enterprise Information Security Group (EISG) and is expected to provide technical cloud security engineering and automation support across a broad scope of security solutions at American Financial Group. You'll collaborate with cross-functional teams, automate security processes, and contribute to the overall security posture of our organization The cloud security engineer will possess advanced administrative and troubleshooting skills, and be knowledgeable about architecture, engineering and design policies and principles.
Along with security leadership and security architecture this role will continually assess the threat landscape and adapt quickly to protect the business from risk. They must be highly technical and possess at least 5-7 years' experience in security and system administration across a wide variety of cloud infrastructures, including software as a service (SaaS), infrastructure as a service (IaaS), and platform as a service (PaaS). This role will interface often with other business units and require strong listening and communication skills. You will need to be proactive, understand complex scenarios and offer feedback and solutions to stakeholders.
Responsibilities
Cloud Security and Compliance:
Security Automation and Best Practices:
Security Engineering:
Qualifications: