New York LifeRemote
Corporate Vice President - Cloud Security Engineer Job Details | New York Life Insurance Co
United States of America
Full Time
1 hour ago
$148,000 - $211,000 USD
H1B Sponsor Likely
Key skills
Cloud Security EngineeringAmazon Web Services (AWS)Microsoft AzureVMwareLinuxWindowsCloud Networking ArchitectureCloud Access Security Broker (CASB)GitJenkinsChefPuppetSaltVirtual Private Networks (VPN)IPsecSSL/TLSLDAPPublic Key Infrastructure (PKI)Identity and Access Management (IAM)OAuthSAMLOpenIDPrivileged Access ManagementCyberArkWizSentinelOneDockerKubernetesAWS CloudTrailPythonRubyPowerShellJavaScriptThreat Intelligence ServicesSarbanes-Oxley Act (SOX) ComplianceHealth Insurance Portability and Accountability Act (HIPAA) ComplianceNew York State Department of Financial Services ComplianceITIL FrameworkNIST FrameworkCloud Security Alliance (CSA) FrameworkISO FrameworkIncident ResponseSystem ConfigurationVulnerability ManagementSecurity HardeningAWSAmazon Web ServicesAzureAnsibleIAMLeadershipProject ManagementTeam LeadershipCloud Security
About this role
New York Life is a Fortune 100 mutual company that emphasizes purpose and integrity while evolving into a technology and data-enabled organization. They are seeking a Senior Cloud Security Engineer to architect, deploy, and operate a secure cloud application infrastructure, ensuring compliance with security frameworks and managing risks associated with cloud environments.
Responsibilities:
- Develop and maintain secure, resilient enterprise-grade cloud processes in tandem with architects and system engineers
- Secure business applications and computing environments across public, private or hybrid cloud infrastructures
- Protect business applications in compliance with privacy, security, business resiliency and compliance frameworks as defined in corporate policies
- Maintain a consistent, secure environment using configuration management solutions (e.g., Puppet, Chef, Ansible, etc.). Conduct rigorous oversight of security systems and security configuration administration to reduce risk to enterprise systems and accounts
- Deploy strong identity and access management (IAM) controls across applications and computing environments
- Attend regular technical project and implementation meetings, and serve as the security consultant to help guide secure application and infrastructure configurations
- Actively monitor, assess and recommend tactical and strategic initiatives based on new and emerging threats posing risk to cloud computing environments
- Manage remediation efforts after security assessment findings outline weaknesses requiring attention
- Document, formulate and enforce areas of security improvement that balance risk with business operations and do not diminish efficiencies or innovation
- Assist in maintaining strong oversight with cloud computing vendors and solution providers to safeguard against undue risk presented by external entities. Escalate to security management and business unit leads when points of weakness are discovered
- Stay apprised of current and proposed security changes impacting regulatory, privacy and security industry best practice guidance. Apply learned knowledge across key lines of business, including products, practices and procedures
- Act as a key figure in incident response to track occurrence and resolution, with strict documentation and reporting as well as engagement with security operations and incident response teams
- Attend and fully engage in change and project management meetings
- Perform other duties as assigned
Requirements:
- At least 5-7+ years' experience in cybersecurity as a practitioner and with at least 2-3+ years exposure with Amazon Web Services (AWS), Microsoft Azure or VMware
- Strong Linux and Windows support skills
- Experienced in cloud networking architecture and cloud operations, with cloud access security broker (CASB) experience preferred
- Familiarity with tools such as Git, Jenkins, Chef, Puppet and Salt
- Network and encryption experience, including virtual private networks (VPNs), IPsec, SSL/TLS, LDAP and public key infrastructure (PKI)
- IAM experience, including familiarity with authentication protocols (e.g., OAuth, SAML and OpenID) and privileged access management (e.g., secrete manager, cyberARK) is preferred
- Familiarity with security solutions such as Wiz and SentinelOne, as well as tool such as Docker, Kubernetes and AWS CloudTrail
- Experience with scripting languages such as Python, Ruby, PowerShell and JavaScript
- Experienced in the use of threat intelligence services in a production environment
- Experience and understanding of various regulatory requirements and laws is a plus. Relevant regulations include but are not limited to: Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA), New York State Department of Financial Services
- Experience achieving compliance with established framework (e.g., ITIL, NIST, CSA, ISO)
- Up-to-date understanding of a wide-range of incident response, system configuration, vulnerability management and hardening guidelines
- Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively
- Team leadership experience to help with the organizational and team dynamics in a growing field