CollectorsRemote
Cloud Security Engineer
United States of America
Full Time
3 weeks ago
$108,000 - $175,000 USD
No H1B
Key skills
PythonAWSGCPTerraformCollaborationPenetration TestingCloud Security
About this role
Collectors is the leading creator of innovative technology that provides value-added services for collectors worldwide. They are seeking a Cloud Security Engineer to join their Cybersecurity team, focusing on secure architecture and ensuring the integrity of their infrastructure.
Responsibilities:
- Security Design Reviews/Threat Models: Ensure security guardrails are integrated into our platforms by conducting thorough reviews of design, implementations and code
- Collaboration and Engineering Guidance: Provide proactive guidance and education to platform engineering and product teams on available security controls and their appropriate use to help prevent vulnerabilities, striving for secure by default paradigms
- Partner with platform engineering and product teams to identify the appropriate remediations and compensating controls, sometimes getting creative when the “textbook remediation” is not viable
- Expertise in Cloud Security: Serve as a trusted advisor, offering cloud security expertise to enable platform engineering and product teams to make informed decisions
- Automated Analysis and Secure Frameworks: Scale security efforts by integrating automation for the identification, prioritization, and remediation of vulnerabilities
- Empower platform engineering teams through automation, security guidance, tooling, patterns, and training to scale security practices across the organization
- Partner with application security and incident response teams to identify and implement security tooling to detect security vulnerabilities and risks at scale
- Lead by example and be a champion of all company policies, including safety, attendance & security
Requirements:
- 3+ years of experience in Cloud Security, with a focus on securing AWS and GCP environments
- Proficient in Terraform analysis and knowledgeable about common cloud security vulnerabilities/misconfigurations
- Working knowledge of one or more general purpose programming/script languages, preferably Python
- Excellent problem-solving skills, with the ability to work independently and handle multiple tasks
- The ability to drive clear next steps when encountering ambiguous spaces without clear lines of ownership
- Experience with cloud security testing tools and methodologies (CSPM, Penetration Testing)
- Familiarity with major compliance frameworks, such as PCI, NIST, ISO, SOX, and experience assisting in audits
- Bachelors in CS, Cybersecurity or related fields and certifications such as GCIH, CISSP, CSSLP, GSSP or any other professional or Specialty AWS certification (e.g., AWS Solutions Architect Professional or Security Specialty) is good to have