This site uses cookies. To find out more, see our Cookies Policy

Staff Cloud Security Engineer in San Diego, CA at Spartan Resources, LLC

Date Posted: 2/1/2018

Job Snapshot

Job Description

Staff Cloud Security Engineer



Description


The Staff Cloud Security Engineer will be responsible for architecting and engineering the security solutions and processes required by the next generation of services. This role will lead the design of cutting-edge scalable and high performing security services that ensure data is appropriately protected and monitored and to identify potential security issues. We are looking for candidates who are passionate about security, automation and love the challenge of working in highly distributed and dynamic Hybrid Cloud environment. 

Key Responsibilities

  • You are center to help architect, engineer, and deploy security systems and software in large distributed and Hybrid Cloud environments.
  • Develop next generation security framework and design ensuring adequate levels of security of services deployed on a private as well as public cloud (AWS/Azure/Google Cloud).
  • Partner with product management, engineering and operational teams to develop best of breed security architectures supporting compliance (PCI DSS, ISO 27001, HIPAA), customer requirements and operational SLAs.
  • Provide practical guidance to engineering teams to support the implementation of security controls, guidelines, recommendations and best practices.
  • Develop and implement Secure Development Lifecycle (SDL) processes and (automated/devsecops) tools.
  • Assist engineering teams in performing Threat Modeling, identify application threats/vulnerabilities and recommend mitigation strategies.
  • Assist teams in identifying mitigation approaches for of vulnerability and static/dynamic scan results  Identify technical solutions and security tools to help mitigate security vulnerabilities and automate repeatable tasks.

Job Requirements

Skills & Attributes


The ideal candidate will possess the skills and experience listed below: 

  • Proven track record designing, documenting and successfully deploying multi-layer security architectures on private and public cloud.
  • Experience with Amazon Web Services (AWS) and Microsoft Azure security models.
  • Experience delivering security architectures meeting one or more of the following security standards: NIST/FedRAMP, ISO 27001, ISO 27002, PCI DSS, HIPAA Security Rule.
  • Strong understanding of database security / Big data (EDW, Hadoop).
  • Strong understanding of application security and industry standards and best practices (OWASP / SANS / NIST).
  • Strong understanding of SDLC and Secure Development Lifecycle (SDL) including performing threat modeling and risk assessments.
  • Experience designing and implementing API Security and Access Controls (OAuth/SAML, Web SSO, AWS IAM, Federation).
  • Must be a self-starter and able to work well with others in a fast-paced agile environment with an emphasis on collaborating and assisting the team to meet business objectives.



Qualifications


Basic Qualifications: 

  • 15 years of information technology experience 
  • 7+ years of security engineering experience 
  • Bachelor’s degree in information security/systems or related experience
  • CISSP / CCSP certification a definite plus