Banner Default Image

Senior Cloud Security Engineer

Back to job search

Senior Cloud Security Engineer

  • Location:

    City of Taguig

  • Sector:

    Monroe Information Technology

  • Job type:

    Permanent

  • Salary:

    Negotiable

  • Contact:

    Aerielle Louise Co

  • Contact email:

    aerielle.co@monroeconsulting.com.ph

  • Job ref:

    BBBH437263_1706260414

  • Published:

    about 1 month ago

  • Expiry date:

    2024-02-25

  • Startdate:

    ASAP

  • Client:

    Monroe Consulting Group

Executive search firm Monroe Consulting Group is recruiting on behalf of a professional online gaming company in the country.

Job Summary:
Our respective client is seeking a Senior Cloud Security Engineer who will be responsible for designing and implementing a comprehensive cloud security architecture, utilizing zero-trust principles and automated security controls. He/She will lead initiatives to remediate issues, enhance overall security posture, and support cloud maturity assessments, ensuring a robust and protected environment. The job is located in BGC, Taguig City, Metro Manila, Philippines and has an onsite working arrangement.

Key job responsibilities:

  • Design and Implement cloud security architecture using zero-trust principles.
  • Automate security controls, data, and processes to provide better metrics and operational support using security-as-code.
  • Configure network security, including in a hybrid context with traditional network-centric controls.
  • Design and Implement host-based security monitoring (E.g. AWS Inspector), network security tooling, or other infrastructure-related security projects.
  • Conduct Threat modeling to support business requirements.
  • Configure access within the cloud environment using the defense-in-depth principle.
  • Assess cloud systems and infrastructure to identify potential weaknesses or problems and upgrade software, VMs, containers to ensure optimal performance of cloud environment and security tools.
  • Develop automated security compliance, remediate misconfigurations, vulnerabilities in the code/configurations.
  • Lead cloud security issue remediation, troubleshooting, and continuous improvement efforts, including collaborating with stakeholders to improve the overall application security posture.
  • Support Cloud Security Maturity Assessment processes with automated security reviews.
  • Implement and configure security controls and policies, manage access to data, and monitor threats to ensure that apps, containers, infrastructure, and networks are protected.
  • Take ownership of new initiatives, work with internal security teams, and relevant business units to deliver actionable intelligence or solutions that will lower risk.
  • Support our DevOps and infrastructure engineers to implement security best practices and enable secure development and release processes.
  • Perform architectural and design reviews through the security lens and provide timely, actionable requirements and recommendations.

Key job requirements:

  • Bachelor's degree in Computer Science, Information Systems, or closely related field of study or equivalent experience.
  • Minimum 6 years of experience in the Information Security field.
  • Minimum 4 years of experience deploying services on public cloud infrastructure such as Amazon Web Services (AWS) or MS Azure.
  • Experience architecting solutions within Amazon Web Services (AWS) or MS Azure.
  • Experience performing design reviews to assess security implications and requirements for the introduction of new technologies.
  • Experience deploying and customizing security tools to address threats and lower risk, including vulnerability scanners, static analyzers, web application firewalls, IDS/IPS, malware analysis, network traffic flow and packet analysis, cloud security posture management (CSPM), etc.
  • Knowledge of networking and web protocols (TCP/IP, HTTP, TLS, REST), and the ability to analyze traffic to find anomalies.
  • Understanding of modern cloud technology components and deployment patterns, such as virtual machines, containers, Kubernetes, serverless, infrastructure as code, etc.
  • Must have hands-on experience with AWS and Linux in a production environment.
  • Experience with Hybrid/Multi-cloud network design and configuration (e.g., AWS Direct Connect).
  • Knowledge of Federated Identity, RBAC, authentication & authorization solutions, etc.
  • Working knowledge of secure-cloud configuration (e.g., CloudTrail, AWS Config), cloud-security technologies (e.g., VPC, Security Groups), and Cloud infrastructure entitlement management (CIEM).
  • Familiarity with industry compliances such as SOX, GLBA, ISO 27002, or PCI-DSS.
  • Working knowledge of CIS, CSA, and NIST best practices.
  • Demonstrated ability to collaborate with other teams to achieve complex objectives.
  • English/Chinese Bilingual Preferred.