• Partner with Ops and Product collaborators to support cloud security risk reduction.
• Build operational documentation in support of cloud security initiatives.
• Reviews literature, patents and current practices relevant to the solution of assigned projects.
• Develop enrichments and filters in existing Cloud Security Posture Management platforms to improve transparency and detection of anomalous events.
• Edits and reviews technical requirements documentation.
• Build re-usable scripts and user guides for applications teams to bring to bear in the reduction of cloud security risks.
• Displays knowledge of engineering methodologies, concepts, skills and their application in the area of specified engineering specialty.
• Displays knowledge of and ability to apply, process design and redesign skills.
• Develop and present metrics on risk reduction and initiative progress showing areas of improvement and identifying any potential issues to meeting team goals and delivery dates.
• Document as-is security states and produce reports that reflect improvements to reduce risk and improve the security posture of the Azure environments.
• Consistent exercise of independent judgment and discretion in matters of significance.

Skills: Cloud Security Risk Reduction, Operational Documentation, Literature and Patent Review, Cloud Security Posture Management, Technical Requirements Documentation, Script and User Guide Development, Engineering Methodologies, Process Design and Redesign

• Respond to security incidents and evaluate the type and severity of security events.
• Set clear expectations on issue resolution.
• Update stakeholders on changes in status during issue resolution.
• Provide status updates during the life cycle of an incident.
• Create a final incident report detailing the events of the incident.
• Support the maintenance and update of business recovery/contingency plans and/or procedures.
• Assist with establishing procedures for handling detected security events.
• Consult with customers on solutions to help secure their sensitive workloads running in Virtustream
• Design, implementation, and maintenance of solutions across large and technically diverse environments
• Collaborate with other teams, both internal and external to advise with the goal of increasing the security posture of the organization or customer
• Independently provides security expertise to small to midsize projects or programs
• Supports senior staff in larger projects and programs
• Ability to understand and articulate the security strategy, policy and procedures and their implications for the organization

Skills: Customer Consultation, Solution Design and Implementation, Solution Maintenance, Cross-team Collaboration, Security Posture Improvement, Independent Security Expertise, Project and Program Support, Security Strategy Articulation

• Become an integral part of the global Cyber Security team focusing on Security, Identity protection and process automation
• Contribute to the overall Cloud Security architectural and operational strategies
• Provide expertise on flexible and dynamic Cloud security architecture implementation on AWS
• Assist the Security team in operations and Incident response and mitigation
• Assist the project and operational teams to improve secure cloud computing
• Lead security projects to increase the security posture of infrastructure and company
• Detect, respond to, and remediate security incidents
• Development and review of company-wide security policies and processes
• Ownership of company-wide IAM solution
• Setup and maintenance of monitoring infrastructure
• Setup and maintenance of incident response and forensic toolkit
• Collaborate with different stakeholders to help us design, implement, test, and deploy secure solutions
• Define security requirements for DevOps and product teams

Skills: Global Cyber Security, Identity Protection, Process Automation, Cloud Security Architecture, AWS Security Implementation, Incident Response and Mitigation, Secure Cloud Computing Improvement, Security Project Leadership

• Create and implement cloud security designs based on solution requirements.
• Be a point of contact within Sitecore for specific security-related requests.
• Build and implement enterprise-class security systems for production environments.
• Implement and operate a state-of-the-art SIEM solution.
• Build and maintain security elements to mitigate threats as they emerge.
• Build solutions that balance business requirements with information and cyber security requirements.
• Use current programming languages and technologies to write code, complete programming and perform testing and debugging of applications.
• Ensure adherence to standard regulatory and compliance requirements by overseeing regular 3rd party security audits and penetration testing.
• Learn and evolve continuously with the fast-changing cloud and security marketplace.
• Ensure day-to-day management of Sitecore Content Hub platforms by investigating and resolving incidents, solving ad-hoc technical problems, performance monitoring and managing system capacity.
• Recognize, recommend, and support improvements.
• Improve security-related strategies/processes.
• Stay abreast of/and implement new techniques and practices.

Skills: Cloud Security Design, Security Request Management, Enterprise Security Systems, SIEM Implementation, Threat Mitigation, Business-Security Balance, Programming and Debugging, Regulatory Compliance

• Designs and implements CI/CD pipelines to automate the deployment of cloud security-related resources and infrastructure
• Automation of security configurations and security-related workloads based on security policies
• Development of internal tools and process flows to support automation security initiatives
• Implementation of Highly Available security systems
• Responsible for the creation of Run books/Playbooks about deployment processes and operational support
• Works with engineers and architects to design security solutions via design input and code reviews
• Provides direct feedback to senior leadership on project status and projection of timeline for completion of outlined tasks
• Produce implementation plans for engineering tasks of solutions from end to end
• Ability to provide feedback for PI planning activities about project status and future state
• Maintain clear and concise communications throughout the planning and deployment process
• Ability to act as a liaison between departments to ensure all tasks are understood and completed properly
• Work with teammates to evaluate new technical solutions and how to leverage emerging technologies

Skills: CI/CD Pipeline Design, Security Automation, Internal Tools Development, Highly Available Security Systems, Runbook/Playbook Creation, Security Solution Design, Leadership Feedback, Implementation Planning

• Lead security operations, event monitoring, and incident response-related activities, and act as a strategic partner during new deployments of cloud services working closely with the capability maturity team, business/IT leadership and others.
• Review new cloud services regularly for impacts to security operations and to develop changes for XSOLIS security operational environment in partnership with multiple stakeholders.
• Develop solution approaches for automated threat detection, behavioral analytics and other automation for managing cloud security operations.
• Provide consulting and support during the deployment of new cloud security tools and/or processes to monitor and alert processes to ensure appropriate visibility around cloud computing resources.
• Help create, maintain, and enhance cloud security incident response plan along with a security playbook.
• Assess existing cloud implementations, identifying security issues and prioritizing fixes.
• Provide daily, ongoing operational support of cloud security operations, including the security impact of proposed modifications, additions, and technology implementation/refresh operations.
• Understand cloud systems security vulnerabilities and associated threats and assess the overall security risks to the system.
• Provide mitigation recommendations to reduce identified security risks.
• Work directly with internal technology teams and customers to establish and enforce security best practices, protection objectives, process improvements and effective security controls.
• Thoroughly understand software installations, systems monitoring and troubleshooting, account management, and overall efforts to minimize cloud system downtime.
• Serve as the Cyber Security Operations' primary interface to governance, compliance, and risk management teams to ensure the system consistently meets the requirements for certification and audits.
• Establish key business operations relationships, providing an avenue to assess and recommend operational changes and enhancements.

Skills: Security Operations Leadership, Event Monitoring, Incident Response, Cloud Service Security Review, Automated Threat Detection, Cloud Security Tools Deployment, Security Incident Response Planning, Security Issue Assessment

• Be a trusted advisor for cloud initiatives by providing objective, practical and significant ideas, insights and advice while also building interpersonal partnerships and networks
• Ensure the development of comprehensive cloud capabilities with guidance from appropriate business and IT resources.
• Be the go-to person for Azure Cloud Security Architecture.
• Ensure that all cloud solutions follow security and compliance controls.
• Guide the application of a variety of control frameworks to a cloud environment including NIST CSF, 800-53r4, CSA CCM, HIPAA, ISO 27001
• Participate in the establishment of an automated DevOps release management pipeline that delivers tooling for next-generation application development efforts and ongoing production operations.
• Cultivate a Continuous Integration/Continuous Delivery mindset.
• Develop and maintain internal project documentation.
• Partner with development, infrastructure and support teams to develop practical automation solutions and custom modules.
• Fix automation issues and find practical solutions that move projects forward in a timely manner.
• Partner with business and IT Leaders to deliver strategic investments in Azure security initiatives.
• Plan, coordinate, and control multiple responsibilities to achieve project objectives and technically guide projects through to completion.
• Ensure work is completed within target time frames and are consistently of high quality.
• Ensure platform health by crafting appropriate monitoring and alerting practices and levels.

Skills: Cloud Advisory, Cloud Capability Development, Azure Security Architecture, Security and Compliance Controls, Control Framework Application, Automated DevOps Pipeline, CI/CD Mindset, Project Documentation

• Participate in the evaluation, design, and implementation of security solutions, such as vulnerability assessment and remediation, intrusion detection & prevention, data loss prevention (DLP), and security information and event management (SIEM) solutions.
• Operate and maintain the security technologies to ensure they function as designed, including web application firewalls, internal encryption of data at rest and in transit, infrastructure cloud security technologies, DLP, SIEM, and other solutions.
• Create effective code and scripts to automate and orchestrate processes, both in the deployment and configuration management of security controls as well as in the incident response process.
• Create effective code and scripts to automate application security and security operations processes, integrate with deployment and configuration management tools
• Review code for security vulnerabilities
• Assist in the collection, monitoring, and analysis of security event logs.
• Assist in reviewing alerts and performing security investigations.
• Participate in building and maturing security operations and incident response capabilities.
• Collaborate with site reliability and product development engineering teams to plan and execute changes required to support security initiatives.
• Assist in attack and penetration testing activities targeting the products and services.
• Assist with the definition of internal security requirements and standards governing internally and externally-facing technologies or products.
• Assist in the coordination of third-party adversarial penetration testing engagements on the products & services
.
• Improve security posture of SRE tooling and processes.

Skills: Security Solution Implementation, Security Technology Maintenance, Automation and Orchestration, Application Security Automation, Code Security Review, Security Event Monitoring, Security Investigations, Incident Response

• Work in an Agile squad, alongside the Cloud Operations and Engineering team to create new security capabilities in CTC's Azure environment.
• Work with Security Solution Architecture to develop and implement technology solutions aligning with Enterprise Security Architecture frameworks and standards.
• Provide technical leadership and security consulting to CTC Cloud operational and project teams.
• Provide direction for security performance, capacity, and overall security architecture solutions for business projects and internal infrastructure projects.
• Participate in project delivery, embracing the Agile methodology and associated toolsets.
• Agile and innovative individuals, manage in an environment of change and ambiguity to help us take bold and strategic moves in this rapidly evolving retail environment.
• Creative thinkers who take initiative and are capable of building, launching and managing projects/programs that drive results for the customers.
• Problem solvers with the ability to analyze and prioritize to meet business objectives.
• Collaborative team players with superior influencing skills, who build relationships easily across various stakeholder groups to move initiatives forward.
• Full planning and onboarding of customers' cloud infrastructure into the client's Security portfolio
• Ensuring customers' Cloud estate is configured securely according to industry standards
• Ongoing maintenance and tuning of customers' Cloud security products
• Supporting pre-sales with or on behalf of a sales representative

Skills: Agile Security Development, Azure Security Capabilities, Security Solution Architecture, Technical Leadership, Security Performance Management, Agile Project Delivery, Strategic Initiative Management, Creative Problem Solving

• Serves as the lead cloud technical resource within the Security team.
• Implements, monitors and supports security controls within cloud-based platforms including Microsoft 365 Cloud (Office 365 and Azure) and Amazon Web Services (AWS), including those native to the platforms and additional solutions implemented to complement and monitor those platforms.
• Oversees cloud security functions handled by Cloud Managed Service Provider.
• Manages projects and consultants to improve AWS, Office 365 and Azure security posture.
• Assesses and prioritizes cloud security projects based on information security risk.
• Supports new initiatives that utilize cloud services as the lead Security representative.
• Integrates and utilizes cloud monitoring tools and Security Operation Center solutions.
• Leads and monitors vulnerability management within cloud environments.
• Operationally responsible for some role-based identity and access management and encryption key management within cloud platforms.
• Defines, refines and automates security processes.
• Participates in incident response, change management, service requests, and problem resolution in the cloud platforms.
• Supports other security efforts directly and indirectly related to cloud platforms and the business use of those platforms.
• Be a focal point to interview as part of practice building.

Skills: Lead Cloud Technical Resource, Cloud Security Implementation, Cloud Security Monitoring, Cloud MSP Oversight, Security Project Management, Information Security Risk Assessment, Cloud Services Security Support, Cloud Monitoring Integration

• AWS Solutions Architect Associate & AWS Security Specialty
• Strong familiarity with Linux and Windows operating systems and cloud provider ecosystems (AWS)
• Practical knowledge of AWS foundation services related to computing, network, storage, administration and security, deployment and management, automation technologies
• Strong familiarity with PAM solution, AWS IAM, and Secret management (Hahshicorp/AWS secret manager/Cyberark Conjur…)
• Practical knowledge of microservices programming (AWS Lambda, Docker, etc.)
• Familiarity with scripting language: bash shell, python, power shell
• DevOps know-how building and deploying infrastructure with cloud deployment, building and test automation technologies like Ansible, Terraform, Docker, Jenkins, etc.
• Communicate with various audiences, including business leaders, engineers, clients, and team members.
• Great verbal communication skills to convey information to the relevant audience. 
• Written communication skills, documentation and reporting
• Ability to work with various multi-disciplinary team
• Be a team-oriented individual with a priority on the successful completion of group goals
• Excellent analytical and troubleshooting skills

Qualifications: BS in Computer Science with 2 years of Experience 

• Strong cloud-secure architecture
• Threat risk modeling methodology knowledge
• Skills and knowledge of CSA and other cloud security frameworks in GCP, AWS, and Azure
• Ability to assess testing and compliance tools and work with DevOps to maintain the selected ones.
• Scripting and programming experience
• Create interfaces with existing tools such as SIEM.
• Configure tools to meet ongoing requirements for monitoring and compliance.
• Knowledge of networking, zones, cloud security, and network security.
• Some experience with system hardening guidance and tools.
• Able to work independently but also as part of a team.
• Flexibility to change direction and manage conflicting demands and emergencies.
• Comfortable working in a fast-paced environment.
• Highly motivated with the ability to self-start, prioritize, multi-task, and work in a team setting.

Qualifications: BS in Systems Administration with 5 years of Experience 

• Have Google and other cloud security or architecture certifications 
• CSA or other cloud-related certifications.
• Have CISSP, CISA, CISM
• Solid knowledge and experience using cloud security and compliance products.
• Deep knowledge and experience with security assessment tools, cloud security architecture, and supporting
• Knowledge of security assessment tools, cloud security architecture, and support.
• Experience with SAST and DAST tools.
• Experience with Docker, Kubernetes, or similar tools.
• Knowledge of networking, IAM, public cloud, enterprise logging, SIEM, API Management, and containerization.
• Experience with Incident Response and deep analytical investigation to understand a threat and address it.
• Experience with scripting tools.

Qualifications: BS in Computer Security with 3 years of Experience

• Experience in Azure Security Engineering
• SIEM Monitoring experience
• Experience implementing IT policies for security and privacy compliance (SOC, PCI etc.)
• Networking, database, and application security knowledge
• Previous DevOps / CI / CDs
• Azure Security Engineer Associate certified (or similar)
• Exposure to PCI-DSS and Pulumi experience
• Newer recent experience is good- cloud-based experience
• Experience with taking ownership, and drive to completion (doing end-to-end work) on the audit or security side of the house.
• Some active hands-on python experience
• Light development and SQL/Java/JVM experience

Qualifications: BA in Computer Science with 4 years of Experience 

• Understand the AWS ecosystem, containers, and the Kubernetes ecosystem
• Understand cloud networking
• Experience with threat modeling, security design reviews, and security architecture.
• Work with the engineering team to implement various security patches
• Write scripts to parse logs from various infrastructure components
• Experience with prioritizing various vulnerabilities for maximum security impact
• Familiar with the threat intelligence landscape
• Have handled Operations or Security of cloud-based or on-premise
• Some programming experience (Scripting, Python, Java)
• Understanding of business security requirements such as SANS20, NIST-CFT

Qualifications: BA in Information Systems with 2 years of Experience

• Experience with multiple cloud security disciplines (application security, encryption and key management, authentication, CI/CD pipelines, etc.)
• Experience securing enterprise-scale cloud offers
• Experience with Information Security, Cloud Operations, Monitoring, and Incident Response
• A deep understanding of various classes of security weaknesses/vulnerabilities and corresponding mitigations
• Secure Development Lifecycle (SDL) expertise
• Security architecture and/or secure engineering experience
• Strong social and technical communication skills, abilities to influence others at multiple levels of the company and significant experience working with multiple programs and partners at once.
• Deep understanding of Cisco products and solutions, including embedded, virtualized and cloud product offerings.
• Experience in projects using security engineering methodology and workflows.
• Possess a BSCS/EE or equivalent and have technical program management experience 
• Knowledge of service meshes

Qualifications: BA in Computer Engineering with 3 years of Experience

• Experience in IT environment and some years of infrastructure security experience (servers, storage, network, VMware virtualization)
• Experience with application security and identity management
• Understanding of Public Cloud (AWS, Azure, Google Cloud) security concepts
• Have CISSP, CCSP, CEH certificates
• Significant experience and working knowledge of the tasks necessary to keep the systems/applications in the assigned area running stable, secure, and performing well
• Good communication, documentation, and presentation skills
• Ability to assimilate multiple technologies/service requirements into a complete service design
• Critical thinking and creativity in thought process as well as problem-solving situations, consulting skills, leadership qualities, credibility, self-confidence
• Works well under high-pressure, high-demand environment with international, cross-cultural, cross-geographical collaboration
• Should have a proven track record of influencing others and be able to work with minimal guidance
• Experience working in an agile development environment
• Knowledge of ITSM processes or ITIL Foundation certificate 
• Project management skills

Qualifications: BS in Computer Science with 5 years of Experience 

• Specialist in Cloud Security and skilled in JWT/Oauth2.
• Experienced with Spring Boot applications (former developer)
• Skilled in data security (both at rest and in transit), TLS/mails, and SSL.
• Skilled in container security (Kubernetes) and experience with security in AWS and Azure environments.
• Fluent in English Language and proven analytical and problem-solving abilities.
• Be a team player who shows commitment and dedication to the job.
• Ability to work with team members, at all levels
• Be a decision maker, and stakeholders to define business requirements and systems goals, and to identify and resolve business systems issues.
• Ability to present ideas in business-friendly and user-friendly language.
• Ability to communicate at an executive level and articulate the business value of technical solutions.
• A good understanding and knowledge of common industry cybersecurity frameworks

Qualifications: BS in Computer Science with 2 years of Experience

• Completion of at least one relevant security certification(GCIH or similar, GSEC or CISSP, AWS Certified Security Specialty)
• Professional experience in security operations and incident response
• Experience with security operations and incident response in AWS environments
• Proficiency with at least one programming language (Python, Node.js, PHP, etc.)
• Deep understanding of the OWASP Top 10, cryptography, and transport-layer security
• Knowledge of compliance standards, excellent verbal and written communication
• Strong customer service orientation, and ability to work in a challenging, dynamic, Agile environment.
• Positive attitude, strong work ethic
• Good working knowledge of containers and Kubernetes
• Ability to build continuous delivery pipelines

Qualifications: BS in Information Security with 4 years of Experience

• Confirmed ability to promote an engineering culture with a focus on integrating security into the development and operational processes.
• Cloud networking experience including setup and configuration of VPC’s, routing, security groups, etc.
• Understanding of application security architecture and frameworks
• Experience with software lifecycle technologies enabling multi-developer teams such as Git, CI/CD pipelines, IDEs, etc.
• Familiar with the Agile methodology.
• Industry security and cloud certifications such as CISSP, CCSP, AWS Solution Architect, etc.
• Experience as a subject matter authority for one or more security technologies and frameworks and how they support an overall security program.
• Working knowledge of application security architecture and security frameworks such as NIST, CIS, etc.
• Experience with one or more security technologies and how they support an overall security program.
• Experience with AWS or GCP IaaS and PaaS
• Experience in using Terraform or other declarative infrastructure paradigms
• A good understanding of network design and distributed computing

Qualifications: BS in Computer Science with 5 years of Experience