Security Engineer
Description:
This role focuses on proactive vulnerability management and remediation within a dynamic cloud environment. Utilizing tools like Seemplicity, Wiz, Qualys, and GitHub Advanced Security, you will prioritize and address cybersecurity findings to meet critical security objectives. Additionally, this role will assist in other security focused areas such as assisting with Penetration Testing, Cloud Security, Data Security, Architectural Reviews, Edge Security as well as one-off special projects.
Responsibilities:
• Managing Seemplicity to coordinate remediations with their responsible teams.
• Leveraging Wiz, Qualys, GitHub Advanced Security, and Archer for vulnerability identification and analysis.
• Reviewing and triaging security configuration tickets within Seemplicity, Jira and ServiceNow.
• Reviewing and triaging remediation tickets within Seemplicity, Jira and ServiceNow.
• Performing vulnerability testing/assessments and supporting penetration testing activities.
• Implementing automation for security tasks & systems.
• Preparing and delivering status updates through slide decks.
Required Skills:
• Excellent communication skills.
• Excellent project management skills. Specifically working in Jira/Confluence though Sprints.
• A high level of hands-on recent experience with AWS is required. Certification is preferred but not required.
• A high level of hands-on understanding of IAM principals is expected.
• Hands on coding/scripting experience. Preferably in Python, Bash or PowerShell.
• Experience with Wiz, Qualys, Splunk & CrowdStrike preferred, Seemplicity is a plus.
• Experience with WAF technologies such as Imperva and AWS WAF a plus.
• Experience with CI/CD systems, specifically Jenkins and GitHub Actions (minimally)
• Experience with IaC, specifically Terraform and CloudFormation (minimally)
• Experience with Attack Surface Management Tools such as Censys is a plus.
• Experience with Kubernetes, specifically AWS EKS is a plus.
• Experience with Data Security Tools such as Databricks, Securiti.AI are a plus.
• General knowledge of Compliance Regulations (GDPR, PCI & SOX Preferable).