FITS is seeking an intelligent and forward-thinking security professional to join our expanding Commercial division. This exciting new role within the Assessment & Advisory team will help you define the future of cloud. With data becoming the new most valuable resource, companies are utilizing cloud platforms to leverage their data’s value in a governed way.
As a Senior Cloud Security Engineer, you will drive the secure design and delivery of a world-class cloud-native platform for our client, applying your expertise for all areas of cloud infrastructure. Your responsibilities will include partnering with engineering, product, and cloud operations to embed security by design, facilitating rapid adoption and transformation of cloud services.
Essential Duties and Responsibilities:
- Helping to develop architectural requirements and corresponding engineering processes and technologies to support a cloud-native platform.
- Build the necessary capacity to support engineering, product, and cloud operations teams throughout the software development lifecycle.
- Develop, continuously improve, and ensure compliance with controls built for the cloud-native platform.
- Partner with engineering, product, and operations teams to cultivate a secure CI/CD mindset and develop practical automation solutions.
- Plan, organize, and manage multiple responsibilities from various stakeholders and sometimes competing requests to achieve desired objectives.
- Additional tasks include supporting the larger security team during security incidents and investigations; working with multiple teams across the organization to advance the overall security posture. After hours on-call support may occasionally be required.
- Minimum of 5 years' IT/Security experience across a wide range of disciplines, including a minimum of 2 years' experience with Cloud Security or Cloud Engineering in Google Cloud Platform (GCP) and/or Amazon Web Services (AWS).
- Working knowledge of leveraging CI/CD pipelines, SDLC, Agile software development, Scrum methodologies.
- Experience with configuration management and Infrastructure as Code tools like Terraform, Ansible, or similar tools.
- Competency with GNU/Linux, Bash, and Python, or equivalent.
- Ability to work collaboratively in an organization with stakeholders distributed across various time zones.
- Experience with engineering and operations in compliance with regulatory requirements and/or frameworks (FedRAMP, HIPAA, NIST, ISO 27001/2, etc.).
- Desired certifications include: CISSP, CCSK, CCSP, or similar.
- An excellent collaborator, teammate and security leader with advanced presentation and communication skills.
- Accustomed to a fast paced environment and self-motivated with an ability to execute with little supervision.
- Able to iterate quickly and independently to deliver solutions to technical problems.
- Eager to learn new technologies and modern methodologies. Interested in broadening your skills into technologies you haven’t seen before.
- Familiar with security by design principles, and able to educate other technical engineers on how to build security into their processes in a scalable way.
- Agile-minded, optimistic, passionate, and pragmatic about delivering valuable software to customers.
Measures of Success:
- Within your first month, you will absorb fundamental knowledge about client processes/tools and start building team & cross-functional relationships.
- Within your third month, you will take ownership of one or more key infrastructure platforms, and develop and achieve quarterly OKRs (Objectives & Key Results)
- Within your sixth month, you will drive consistent, repeatable, documented processes for security-driven infrastructure platforms, improve efficiency and hand off for ongoing operations, and improve customer satisfaction.
- Within your first year, you will deliver a net new cloud security control based on your area of ownership that you will design, development, implement, and support.
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided