Jobs · Information Technology · Delaware

Cloud Security Engineer

Stefanini North America and APAC · Dover, DE · 1 wk ago
On-siteInformation TechnologyContract

About the role

The Cloud Security Engineer will be responsible for securing cloud workloads, tools, and services using Zero Trust Network Access (ZTNA) principles. They will design, implement, and manage secure cloud environments across multiple platforms, focusing on GCP.

Responsibilities

  • Architect and approve ZTNA configurations, implementing identity-aware segmentation and least privilege access policies.
  • Lead the transition from traditional VPNs to ZTNA solutions, adhering to NIST 800-207 and Zero Trust Architecture best practices.
  • Demonstrate comprehensive knowledge of cloud security platforms and IAAS providers, including IAM, security centers, firewalls, key management, logging, and monitoring tools.
  • Design and implement secure cloud architecture, utilizing cloud-native security controls and CSPM tools.
  • Automate security tasks and processes using scripting and automation tools like Python, Terraform, CloudFormation, and Azure Resource Manager.
  • Implement least privilege access controls, federation, SSO, and other IAM solutions across multiple cloud platforms.
  • Work with SIEM logging and analysis, conducting threat hunting, and participating in incident response procedures and methodologies.
  • Develop and implement security policies, comply with relevant security frameworks (NIST, ISO, SOC 2), and ensure data loss prevention (DLP) configurations.
  • Understand and apply Zero Trust principles, network security concepts, and technologies, including firewall management, IDS/IPS, network segmentation, and WAFs.
  • Communicate complex technical concepts to non-technical audiences, lead and mentor junior security engineers, and present findings clearly.

Requirements

  • Minimum of 7-10 years of experience in information security, with a focus on cloud security and ZTNA.
  • Significant experience with GCP, AWS, and/or Azure.
  • Extensive experience in ZTNA engineering and automation.
  • Experience with Security Information and Event Management (SIEM).
  • Understanding of data classification standards and experience with data loss prevention (DLP) configurations.
  • Understanding of endpoint security concepts and technologies.
  • Strong analytical and problem-solving skills, with the ability to think critically and strategically, anticipate security risks, and develop effective mitigation strategies.
  • Leadership and communication skills, including the ability to lead and mentor junior security engineers, possess excellent communication and presentation skills, and effectively explain complex technical concepts to non-technical audiences.

Qualifications

  • Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
  • Relevant certifications (e.g., CISSP, CCSP, AWS Certified Security – Specialty, Google Cloud Certified Professional Cloud Security Engineer, Microsoft Certified: Azure Security Engineer Associate).

Skills

  • Zero Trust Network Access (ZTNA) engineering and automation.
  • Hands-on experience with ZTNA technologies, particularly Zscaler.
  • Comprehensive understanding of cloud security platforms and Infrastructure as A service (IAAS) solution providers like Google, Amazon, and Microsoft.
  • In-depth knowledge of each provider's security services (e.g., IAM, security centers, firewalls, key management, logging, and monitoring tools).
  • Experience with cloud-native security controls, security posture management (CSPM) tools, and best practices for ensuring compliance with relevant security frameworks (NIST, ISO, SOC 2).
  • Working knowledge of IAM concepts and best practices, with specific experience in Okta preferred.
  • Proficiency in implementing least privilege access controls, federation, single sign-on (SSO), and other IAM solutions across multiple cloud platforms.
  • Strong understanding of automation pipelines and experience with scripting and automation tools such as Python, Terraform, CloudFormation, and Azure Resource Manager.
  • Experience with Security Orchestration, Automation and Response (SOAR) platforms.
  • Experience with Security Information and Event Management (SIEM) logging and analysis.
  • Understanding of Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) concepts.
  • Experience with Security Information and Event Management (SIEM) logging and analysis, conducting threat hunting, and participating in incident response procedures and methodologies.
  • A working knowledge of current security policies, federal and state compliance regulations, and governance standards.
  • Experience with cloud-specific compliance frameworks like FedRAMP.
  • Understanding of data classification standards and experience with data loss prevention (DLP) configurations.
  • Deep understanding of modern networking standards, including Zero Trust principles, and extensive experience with network security concepts and technologies.
  • Experience with network security concepts and technologies, including firewall management, intrusion detection/prevention systems (IDS/IPS), network segmentation, VPNs, routing and switching protocols, network traffic analysis, and network security tools (e.g., Wireshark, tcpdump).
  • Experience with Network Access Control (NAC), DNS security, load balancers, and web application firewalls (WAFs).
  • Understanding of endpoint security concepts and technologies.

Benefits

Stefanini offers competitive compensation packages, including listed salary ranges that may vary based on experience, qualifications, and local market. Some positions may include bonuses or other incentives.

Pay

Salary ranges may vary based on experience, qualifications, and local market.

Schedule

This role requires a full-time schedule (M-F, 37 hours).

Benefits

Stefanini provides a comprehensive benefits package, including health insurance, retirement plans, and paid time off.

Similar jobs

Cloud Security Engineer

Booz Allen HamiltonFort Belvoir, VA· 2 days ago
$99k–$225k/yrapply on careers.boozallen.com

Cloud Security Engineer

Toyota Automated LogisticsLouisville, KY· 2 wk ago
Information Technologyapply on myjobs.adp.com

Cloud Security Engineer

Greenberg Traurig, LLPCharlotte, NC· 3 wk ago
Information Technologyapply on gtlaw.wd1.myworkdayjobs.com

Cloud Security Engineer

Greenberg Traurig, LLPAtlanta, GA· 3 wk ago
Information Technologyapply on gtlaw.wd1.myworkdayjobs.com