Senior Cloud Cyber Security Engineer
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Senior Cloud Cyber Security Engineer designing secure cloud architectures and ensuring compliance for Sentara Health. Conducting security assessments and collaborating with cross-functional teams to enhance cloud security.
Responsibilities:
- Design and implement secure cloud architectures, ensuring adherence to best practices and compliance requirements.
- Collaborate with cloud architects and DevOps teams to integrate security controls and mechanisms into cloud environments.
- Review and assess cloud infrastructure and service configurations to identify potential security risks and recommend necessary improvements.
- Conduct regular security assessments, including vulnerability scanning, penetration testing, and security audits of cloud resources and services.
- Identify and prioritize security vulnerabilities, misconfigurations, and compliance gaps, and provide recommendations for remediation.
- Assist in implementing and maintaining security testing tools and automation scripts for continuous security assessment.
- Develop and implement cloud-specific identity and access management (IAM) policies and controls to ensure appropriate access rights and permissions.
- Monitor and review IAM configurations, roles, and access policies to prevent unauthorized access and privilege escalation.
- Collaborate with identity teams to integrate cloud IAM with enterprise identity and access management systems.
- Implement and manage cloud security monitoring tools and solutions to detect and respond to security incidents in real-time.
- Establish incident response plans and processes specific to cloud environments, collaborating with incident response teams to investigate and mitigate cloud-related security incidents.
- Conduct post-incident analysis and implement measures to prevent similar incidents in the future.
- Ensure cloud infrastructure and services comply with relevant security standards, regulations, and industry frameworks (e.g., CIS, NIST, GDPR, etc.).
- Participate in security audits, assessments, and regulatory compliance activities, working with auditors to address findings and ensure compliance.
- Stay updated with evolving cloud security trends, emerging threats, and regulatory changes, and provide guidance on implementing necessary controls.
- Work with Governance team to conduct training and awareness programs for cloud users, developers, and stakeholders to promote secure cloud practices and awareness of cloud-specific security risks.
Requirements:
- Proven experience (5 years) in cloud security roles, with a strong understanding of cloud platforms and services (AWS, Azure, or GCP).
- Deep knowledge of cloud security best practices, cloud-native security tools, and cloud service provider security offerings.
- Experience with cloud security assessment tools, vulnerability scanning, and penetration testing techniques.
- Familiarity with cloud identity and access management (IAM) concepts and frameworks.
- Understanding of networking, encryption, and virtualization technologies as they relate to cloud security.
- Excellent analytical and problem-solving skills, with the ability to effectively assess and communicate cloud security risks.
- Strong written and verbal communication skills, with the ability to collaborate with cross-functional teams and provide security guidance.
- Cloud security controls: Identity and Access Management (IAM), Encryption, Network Security, Compliance, Logging and Monitoring, Vulnerability Management, Disaster Recovery and Business Continuity, Cloud Access Security Broker (CASB), and Multi-Factor Authentication (MFA).
- Knowledge of various technical frameworks and concepts (MITRE ATT&CK, CIS, Kill Chain, etc)
- Experience working in a highly regulated environment.
- Ability to express complex technical concepts in business terms.
- Organized and detail-oriented, able to work well under deadlines in a changing environment and complete multiple projects effectively and concurrently.
- Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change.
- Review and coordinate changes to cyber security policies, procedures, and standards.
Benefits:
- Medical, Dental, Vision plans
- Adoption, Fertility and Surrogacy Reimbursement up to $10,000
- Paid Time Off and Sick Leave
- Paid Parental & Family Caregiver Leave
- Emergency Backup Care
- Long-Term, Short-Term Disability, and Critical Illness plans
- Life Insurance
- 401k/403B with Employer Match
- Tuition Assistance – $5,250/year and discounted educational opportunities through Guild Education
- Student Debt Pay Down – $10,000
- Reimbursement for certifications and free access to complete CEUs and professional development
- Pet Insurance
- Legal Resources Plan
- Colleagues may have the opportunity to earn an annual discretionary bonus if established system and employee eligibility criteria is met
Similar Jobs
Senior Manager, Product Security
Senior Manager of Product Security at Amgen developing strategies to counter threats to the global supply chain. Responsible for overseeing security initiatives and collaborating across diverse teams.
Account Executive – Cybersecurity, Risk Assurance
Account Executive managing complex B2B sales for Sensiba’s cybersecurity and risk assurance services. Focusing on ISO/IEC 27001, SOC 1, and SOC 2 engagements with C-suite executives.
Social Security Claims Specialist
Social Security Specialist at Lincoln Financial handling Social Security Disability Insurance claims. Acts as liaison between internal teams, claimants, and legal representation.
Senior Manager, Cloud Security Consultant
Senior Manager in cloud security at PwC focusing on cybersecurity threats. Leading development and implementation of cloud security strategies with advanced technologies.
Adjunct Faculty, Fundamentals of Networking – Cybersecurity
Adjunct Faculty teaching online course Fundamentals of Networking at UMGC. Engaging adult learners and fostering collaboration in a remote setting.
IT Sales Manager – Modern Infrastructure, Cyber Security, Managed Services
IT Sales Manager responsible for driving B2B sales in Modern Infrastructure, Cyber Security, and Managed Services. Collaborating with consulting teams and establishing new markets in Germany.
Head of Compliance – HIPAA and Security
Head of Compliance (HIPAA) leading strategic legal support and data governance for Bask Health. Overseeing compliance frameworks, training, and regulatory adherence in a remote setup.
Security Engineer
Security Engineer protecting Serve’s delivery platform and infrastructure while collaborating with IT and engineering teams. Ensuring security best practices across cloud infrastructure and applications.
Member of Technical Staff – Security
First dedicated security hire responsible for building security practices at AI infrastructure company. Defining company-wide security strategy and collaborating with engineering and research teams.
Cybersecurity Engineer
Cybersecurity Engineer responsible for maintaining security in compliance-driven environments for Teal. Protecting clients through security monitoring, vulnerability management, and incident response.
Cybersecurity Lead
Lead Cybersecurity Strategy at Intersect, safeguarding critical systems in a cloud-first environment. Collaborate cross-functionally to integrate security practices for innovative energy solutions.
Principal, Multicloud Data Center Solutions – AI, Data Security & Resilience
Lead development of solutions for enterprise Multicloud/Data Center, AI & Data and Security & Resilience at Dell Technologies. Engage with customers and drive transformative technology solutions.
Lead Security Officer – Rotational
Lead Security Officer ensuring health, safety and security for clients in remote settings. Providing oversight, training, and recommendations based on security operations.
Security Officer, Seasonal
Remote Security Officer monitoring and patrolling assigned areas for safety and security. Working in remote settings where health, safety, and security is a priority.
Platform Engineer, Security
Platform & Security Engineer responsible for IT infrastructure and security at Cosuno. Leading compliance and operational excellence in a remote role.
Security and Threat Operations Engineer
Security and Threat Operations Engineer protecting the fintech environment at OnePay. Collaborating with teams to proactively identify and respond to security threats.
Security Implementation Engineer
Security Implementation Engineer responsible for deploying, configuring, and implementing cybersecurity solutions. Focused on security infrastructure projects across customer environments in Logically's client base.
Senior Manager – Data Protection, Information Security Program
Senior Manager in Data Protection implementing controls and driving initiatives at leading MENA financial institution. Ensuring compliance and enhancing data protection controls across the organization.
Cybersecurity Associate Internship
Cybersecurity Associate Internship helping secure government and intelligence projects for GDIT's Summer Internship Program. Collaborating with professionals and enhancing skills in a supportive environment.
Principal Security Engineer
Principal Security Engineer at Aspirion focusing on Cloud Security architecture and execution. Driving secure solutions for clients in revenue cycle services while leading technical initiatives.