Why is it worth choosing us?
-
You will have a stable, long-term job at us
-
You will have the opportunity to gain experience in exciting, innovative projects
-
We are a young and cohesive team
-
We support your development with language and professional training opportunities
-
We support a healthy lifestyle with our own Sports Association
-
We also provide a HomeOffice option
-
We offer attractive benefit packages
With applying you accept our privacy policy. You can apply with your professional CV also by e-mail at job@eilabs.com!
Cloud Security Engineer (Multi-Cloud)
2024-09-03
Primary Responsibilities
• Developing, testing, and deploying Azure/AWS/GCP Security Controls across our partner's cloud tenants through 3rd part SaaS solutions.
• Evaluating our partner’s cloud security requirements and assess how these can be implemented into Detective cloud controls, for all CSPs.
• Working closely with vendors and partner squads to develop, deploy, and test Cloud security services.
• Developing and generating compliance reports that showcase the cloud infrastructure's drift management status.
• Working with resource owners to remediate configuration drifts.
• Defining priorities, coordinating with peer teams, and leading continuous improvement efforts of security tools, systems and processes.
• Research, investigate and implement newer technologies to continually evolve security capabilities.
• Integrating, configuring, documenting, and deploying compliant infrastructure and supporting services in the Cloud platform.
• Troubleshooting problems, analysing root cause, and (where possible) fixing bugs introduced by owned or managed security solutions.
• Collaborating with Risk Management, Security Architecture, and Cyber Incident Response teams to ensure necessary controls to Cloud services are deployed and tested.
• Working in a globally distributed team to provide innovative and robust Cloud-centric solutions.
Requirements
• Deep knowledge of at least one of the 3 main Cloud Service Providers (Azure, AWS, GCP).
• Knowledge of the Shared Responsibility Model; keen understanding of the security risks inherent in hosting cloud-based applications and data.
• Experience developing across the security assurance lifecycle (mainly detect & respond controls).
• Experience configuring native CSP security tooling and capabilities.
• Experience with CSPM and SaaS 3rd party solutions.
• Understanding of OPA/REGO.
• Azure, AWS and/or GCP Certifications.
• Security certification such as CISSP, GIAC, CISM, OSCP or equivalent.
• Configuration management and patch management using automated tools.
• Experience with governance, risk and cybersecurity frameworks such NIST CSF, COBIT 5, ISO 27001/2, ITIL.
• Familiarity with standard Azure/AWS/GCP security tooling such as Security Command Center, VPC Service Controls, Azure Monitor, Azure Policy, AWS SCP, AWS Config, AWS IAM Permission Boundary.
• Deep understanding of DevOps processes and workflows.
• Working knowledge of the Secure SDLC process.
• Experience with Infrastructure as Code (IaC) tooling such as Terraform.
• Strong in scripting languages such as PowerShell, Python and Bash.
• Experience creating technical architecture documentation.
• Excellent communication, written and interpersonal skills.
• Experience in IT Service Management.
• Ability to articulate complex technical concepts to non-technical stakeholders.
• A good command of English and in general good communication skills.
Adventages
• Knowledge of Agile best practices and methodologies.
• Familiarity with Logging and data pipeline concepts and architectures in cloud.
• Experience with risk control frameworks and engagements with risk and regulatory functions.
• Experience in the financial industry.
• Practical experience in designing and configuring CICD pipelines.
• Practical experience in GitHub Actions and Jenkins.