Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!
Overview:
We are seeking a highly skilled and experienced Cloud Security Engineer to join our team. As a Cloud Security Engineer, you will be responsible for designing, implementing, and maintaining Cloud Security Platform and security technologies to protect Qualys systems across various cloud environments as:
Responsibilities:
You would be responsible for cloud resource provisioning, IAM, policy creation, UAR, establishing cloud security monitoring, cloud security posture management along with designing and architecting the cloud environments as per security best practices and cloud security guidelines of various standards. You will work closely with cross-functional teams to ensure the effectiveness of security measures and help establish and enforce cloud security policies and procedures.
Security Architecture Review: Review and assess the security architecture of cloud-based systems and applications to identify gaps and recommend improvements in alignment with industry best practices and regulatory requirements.
Cloud Compliance Management: Ensure cloud environments adhere to relevant compliance standards and regulations by implementing appropriate security controls, conducting compliance assessments, and generating compliance reports.
Cloud Security Governance: Establish and maintain cloud security governance frameworks, policies, and procedures to ensure consistent and effective management of security risks across cloud environments.
Incident Response: Actively participate in incident response activities related to cloud security incidents, including investigation, containment, eradication, and recovery.
Cloud Security Tooling: Evaluate, select, deploy, and manage security tools and technologies specifically designed for cloud environments, such as cloud access security brokers (CASBs), cloud workload protection platforms (CWPPs), and cloud-native security services. Tools like Prisma Cloud, Orca Security, etc.
Cloud Security Automation: Develop and implement automation scripts and workflows to streamline security operations tasks, such as configuration management, vulnerability scanning, and incident response orchestration.
Cloud Risk Assessment: Conduct risk assessments of cloud services, configurations, and deployments to identify and prioritize security risks, and collaborate with relevant teams to mitigate identified risks.
Cloud Security Research and Innovation: Stay abreast of emerging threats, vulnerabilities, and security trends in cloud computing, and actively engage in research and innovation to enhance the organization's cloud security posture.
Skills:
Qualifications: