Senior Cloud Engineer - Security closed

Job description

Title: Senior Cloud Engineer - Security

Department: Information Technology / Cybersecurity

Reports To: Director, Corporate Security

*This is a remote role open to Canada or US*

Job Overview: The Senior Cloud Engineer - Security is a highly skilled role with a strong focus on all cloud technologies. This position demands an expert-level understanding of cloud security architectures, practices, and tools in AWS and Azure, with the ability to apply relevant skills in GCP environments.

Key Responsibilities:

· Implement and optimize DevSecOps automation processes, ensuring seamless integration of security into the development lifecycle.

· Design and implement robust security solutions for cloud environments across multiple cloud platforms (AWS, Azure, GCP).

· Demonstrate an understanding of Infrastructure as Code (IaC) best practices and possess strong experience in building Terraform modules and CloudFormation stacks for AWS.

· Understanding of server orchestration and configuration practices and strong experience in key technologies such as Ansible or Puppet.

· Responsible for managing cloud security, which includes identifying, tracking, and advising on all cloud security threats and vulnerabilities.

· Responsible for investigating, remediating, and conducting root cause analysis of all cloud security events escalated from EDRs, CSPMs, SIEMs, and other notification mechanisms.

· Evaluate and deploy advanced cloud-native security tools and technologies.

· Work closely with relevant teams to foster a culture of security and ensure a unified approach to securing cloud infrastructure.

· Stay updated on emerging technologies in cloud security, AI, and automation, and apply innovative solutions to enhance the security framework.

Experience Required:

· Proven experience (6+ years) in a security focused role.

· In-depth knowledge of security best practices and industry standards.

· Understanding and hands-on experience with cloud platforms.

· Experience with cloud-native and serverless technologies.

· Experience in making nuanced threat and risk assessments.

· Experience with NIST, SOX, ISO, SOC2, GDPR, and other compliance and regulatory frameworks.

· Experience in building repeatable/reusable security processes and frameworks.

· Hands-on experience with DevOps tools and practices (e.g., CI/CD, containerization, infrastructure as code).

· Must have experience in automation, scripting, and business intelligence.

· Certifications such as AWS Certified Security, Azure Security Engineer, CISSP, CISM are a plus.

Nice to have:

· Experience in deploying SIEM solutions (Exabeam).

· Experience in EDR and CSPM solutions (Crowdstrike)

· Experience with SAST, DAST and SCA tools (Veracode, Black Duck)

· Experience with SDLC, version control and DevSecOps practices.

The US base salary range for this full-time position is  $160,000 - $200,000 + benefits.  Salary ranges are determined by role, level and location.  The range for each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations.  Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience and relevant education or training.  Note that the compensation details listed reflect base salary and certain positions may be offered additional variable incentives.

Centric Software provides equal employment opportunities to all qualified applicants without regard to race, sex, sexual orientation, gender identity, national origin, color, age, religion, protected veteran or disability status or genetic information.