Cloud Security Engineer
Apply NowCompany: Bit9 + Carbon Black
Location: Waltham, MA 02453
Description:
Company Description
More than 1,000 organizations worldwide-from 25 Fortune 100 companies to small enterprises-use Bit9 + Carbon Black to increase security, reduce operational costs and improve compliance. Leading managed security service providers (MSSP) and incident response (IR) companies have made Bit9 + Carbon Black a core component of their advanced threat prevention, threat detection and incident response services. With Bit9 + Carbon Black, you can arm your endpoints against advanced threats.
Job Description
We are looking for a Cloud Security Engineer who can provide hands-on technical engineering and ownership of the growing cloud security program, across multiple providers. You will work closely with our Product Management group as well our Cloud Operations team to help build secure and robust systems responsible for serving all of Bit9 + Carbon Black customers.
Role Description:
The Cloud Security Engineer provides cyber security expertise in the analysis, assessment, development, and evaluation of security solutions and architectures to secure applications, operating systems, databases, and networks. Additionally, the Cloud Security Engineer assists in the development of cyber security requirements, conducts security risk assessments, evaluates security services and technologies, and reviews and documents information security policies and procedures as well as provides monitoring and oversight for alerts in this environment.
Key Responsibilities:
Serves as the subject matter expert (SME) on Cloud Security for Bit9 + Carbon Black
Develops standards, policies and procedures as well as best practices documentation.
Participate in efforts that tailor the company's security policies and standards for use in cloud environments
Translate security and technical requirements into business requirements, and communicate security risks to different audiences ranging from business leaders to engineers.
Propose and/or design technical solutions, which include creating prototypes and proofs of concept while maintaining a security mindset
Lead and influence multi-disciplinary teams in implementing and operating Cyber Security controls.
Work closely with application developers and database administrators to deliver creative solutions to complex technology challenges and business requirements.
Provides Info security architecture & systems engineering consulting to other IT and business teams.
Automate security controls, data and processes to provide better metrics and operational support
Utilize cloud-based APIs when appropriate to write network/system level tools for securing cloud environments
Stay current on emerging security threats, vulnerabilities and controls.
Identify and Implement new security technologies and best practices into Bit9's Cloud offerings
Evaluates new technologies against established requirements and validate the security of the technology.
Create technical and managerial level reports and risk assessments for Cloud based applications and infrastructure
Identify processes/procedures for how to handle a cloud security event, including forensic isolation and mitigation with Digital Forensics and Incident Response (DFIR/IR) teams
Supports the monitoring and maintaining network security suite of tools.
Identify new security threats by conducting continual monitoring, penetration testing, vulnerability assessments and log analysis
Qualifications
Bachelor's degree in related business or technical areas, or an equivalency of education and work experience.
Minimum of 5-7 years of IT Security and/or security engineering experience
5-7 years related experience in Computer Security, with proven focus on Cloud Security. Clear passion for cloud Security and Cloud technologies.
Must have experience with virtualization (cloud or non-cloud)
Expert knowledge of Cloud infrastructure, security architectures, and standards
Deep technical knowledge of Amazon Web Services, and FedRAMP
Able to demonstrate clear understanding of current threats to Cloud infrastructure and/or IT infrastructures at technical and managerial levels
Able to automate/script daily tasks through Python, Bash or equivalent
Experience with web-based applications or web-services
Proficient in Linux system design, automation and operations
Experience in designing and implementing standards, specifications and procedures.
Demonstrated ability to take initiative and accountability for achieving results.
Strong interpersonal, oral, and written communication skills
Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
Skilled in discussing complex security issues in understandable business terms.
Very detailed knowledge of system security vulnerabilities and remediation techniques
Security certification desired (e.g., CISSP, GIAC, CEH, etc)
Experience using Microsoft Visio
Additional Information
About us: Cyber attacks are now the new normal. Advanced hackers, nation states, organized crime groups and nefarious actors are doing anything and everything they can to get their hands on valuable information that isn't theirs. With more than enough attack vectors out there, we at Bit9 + Carbon Black are looking for more creative and committed security professionals to protect today's top organizations.
Bit9 + Carbon Black is an equal opportunity employer.
More than 1,000 organizations worldwide-from 25 Fortune 100 companies to small enterprises-use Bit9 + Carbon Black to increase security, reduce operational costs and improve compliance. Leading managed security service providers (MSSP) and incident response (IR) companies have made Bit9 + Carbon Black a core component of their advanced threat prevention, threat detection and incident response services. With Bit9 + Carbon Black, you can arm your endpoints against advanced threats.
Job Description
We are looking for a Cloud Security Engineer who can provide hands-on technical engineering and ownership of the growing cloud security program, across multiple providers. You will work closely with our Product Management group as well our Cloud Operations team to help build secure and robust systems responsible for serving all of Bit9 + Carbon Black customers.
Role Description:
The Cloud Security Engineer provides cyber security expertise in the analysis, assessment, development, and evaluation of security solutions and architectures to secure applications, operating systems, databases, and networks. Additionally, the Cloud Security Engineer assists in the development of cyber security requirements, conducts security risk assessments, evaluates security services and technologies, and reviews and documents information security policies and procedures as well as provides monitoring and oversight for alerts in this environment.
Key Responsibilities:
Serves as the subject matter expert (SME) on Cloud Security for Bit9 + Carbon Black
Develops standards, policies and procedures as well as best practices documentation.
Participate in efforts that tailor the company's security policies and standards for use in cloud environments
Translate security and technical requirements into business requirements, and communicate security risks to different audiences ranging from business leaders to engineers.
Propose and/or design technical solutions, which include creating prototypes and proofs of concept while maintaining a security mindset
Lead and influence multi-disciplinary teams in implementing and operating Cyber Security controls.
Work closely with application developers and database administrators to deliver creative solutions to complex technology challenges and business requirements.
Provides Info security architecture & systems engineering consulting to other IT and business teams.
Automate security controls, data and processes to provide better metrics and operational support
Utilize cloud-based APIs when appropriate to write network/system level tools for securing cloud environments
Stay current on emerging security threats, vulnerabilities and controls.
Identify and Implement new security technologies and best practices into Bit9's Cloud offerings
Evaluates new technologies against established requirements and validate the security of the technology.
Create technical and managerial level reports and risk assessments for Cloud based applications and infrastructure
Identify processes/procedures for how to handle a cloud security event, including forensic isolation and mitigation with Digital Forensics and Incident Response (DFIR/IR) teams
Supports the monitoring and maintaining network security suite of tools.
Identify new security threats by conducting continual monitoring, penetration testing, vulnerability assessments and log analysis
Qualifications
Bachelor's degree in related business or technical areas, or an equivalency of education and work experience.
Minimum of 5-7 years of IT Security and/or security engineering experience
5-7 years related experience in Computer Security, with proven focus on Cloud Security. Clear passion for cloud Security and Cloud technologies.
Must have experience with virtualization (cloud or non-cloud)
Expert knowledge of Cloud infrastructure, security architectures, and standards
Deep technical knowledge of Amazon Web Services, and FedRAMP
Able to demonstrate clear understanding of current threats to Cloud infrastructure and/or IT infrastructures at technical and managerial levels
Able to automate/script daily tasks through Python, Bash or equivalent
Experience with web-based applications or web-services
Proficient in Linux system design, automation and operations
Experience in designing and implementing standards, specifications and procedures.
Demonstrated ability to take initiative and accountability for achieving results.
Strong interpersonal, oral, and written communication skills
Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
Skilled in discussing complex security issues in understandable business terms.
Very detailed knowledge of system security vulnerabilities and remediation techniques
Security certification desired (e.g., CISSP, GIAC, CEH, etc)
Experience using Microsoft Visio
Additional Information
About us: Cyber attacks are now the new normal. Advanced hackers, nation states, organized crime groups and nefarious actors are doing anything and everything they can to get their hands on valuable information that isn't theirs. With more than enough attack vectors out there, we at Bit9 + Carbon Black are looking for more creative and committed security professionals to protect today's top organizations.
Bit9 + Carbon Black is an equal opportunity employer.