Remote positions open to the US only.
The Cloud Security Engineer performs all processes and procedures necessary to ensure the safety of KnowBe4 cloud computing environments. In addition, the primary responsibility is to protect the privacy, confidentiality, integrity, and availability of company and customer data by conducting security assessments, triaging security findings and having a proactive approach in assisting the IT and engineering and development teams to operate in a secure cloud computing environment.
- Collaborate with the development and engineering teams to architect and develop secure applications and infrastructure
- Discover, Triage, and Remediate cloud security findings
- Report cloud security findings to the engineering teams and provide guidance on remediation of findings
- Responsible for implementing and managing cloud security tools (CSPM) and ensuring full coverage of cloud environments
- Ensure the cloud compliance posture is following relevant standards to meet our audit requirements
- Provide cloud security guidance and best practices
- Design, analyze, and document cloud security principles, best practices, runbooks, and similar
- Creates new security alerts and dashboards related to cloud security within various infosec tools
- Performs threat hunting across information security log feeds
- Create relevant Infosec policies and procedures
- Monitor for, investigate, and respond to security incidents
- Performs root cause analysis on identified vulnerabilities and identified incidents
- Perform security reviews and penetration testing across company cloud infrastructure
- Perform automated and manual vulnerability scans and triage vulnerabilities across company cloud environments
- Ensure the security of the CI/CD pipeline
- Stay informed on the latest vulnerabilities
- Bachelor’s degree in information security, information systems, or similar preferred
- Minimum 3 years experience working in AWS
- Minimum 3 years experience in Information Security
- Demonstrated practical knowledge in cloud computing, cloud security, information security, IT, internet concepts
- Experience with infosec tools and scripts
- Experience with Cloud Security Posture Management (CSPM) tools
- Familiar with application development concepts: servers, databases, coding, API’s, containers, logging, troubleshooting
- Experience working in a continuous integration and continuous delivery model (CI/CD)
- Experience working with Terraform/CloudFormation
- Experience with Docker and containerization
- Familiar with OWASP top 10 and MITRE ATT&CK Framework.
- Knowledge of various operating systems, ChromeOS, Linux, Mac, Windows.
- Able to navigate the linux command line
- Ability to automate tasks and create scripts in bash/python etc.
- Certifications in Information Security such as those offered by ISC2, SANS/GIAC, EC-Council desirable
- Certifications in AWS, Azure and specifically AWS Security highly desirable
- Strong verbal and written communications
- Excellent time management and organization skills
- Excellent Analytical skills
- Strong problem solving and root cause analysis abilities
The base pay for this position ranges from $60,000 - $65,000, which will vary depending on how well an applicant's skills and experience align with the job description listed above.
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided