Cloud Security Engineer in Bucuresti

Description & SummaryA career in Cloud Security Operations, within Internal Firm Services, will provide you with the opportunity to focus on supporting our global internal infrastructure operations and security technologies. Using industry vendors such as Microsoft, Amazon, Google, and other cloud platforms, you will implement and support innovative services for our network of firms. You’ll be at the forefront of Internal Firm Services around the globe supporting innovative technology solutions that optimize business processes or enable scalable technology. Our team helps Internal Firm Services support their cloud security components and infrastructure architecture. As part of the team, you’ll focus on the cloud security configuration, platform policy management, and all cloud security.ResponsibilitiesAs a Cloud Security Engineer Manager, you’ll work as part of a team of problem solvers to support mission critical operations and ensure continued compliance with important Cybersecurity principles in a Cloud environment. This will require using a variety of modern technologies and techniques across multiple providers (Microsoft Azure, Amazon AWS, Google GCP, etc.) while supporting multiple cloud service implementations (IaaS, SaaS, PaaS). Specific responsibilities include but are not limited to:Lead the configuration and support of security products, and technologiesLead troubleshooting effort to resolve complex technical challenges for our stakeholdersDevelop and maintain documentation for security solutions and processesIdentify areas of cloud security improvements and drive respective work stream activitiesProvide Cloud Security-related trainings to team members as requiredLead and solve customer support requests, and coordinate and prioritize resolutionsMaintain platform and application security posture; and identify, recommend, and or remediate risks associated within the cloud infrastructureWork closely with architect teams while developing security controls Drive mitigation of reported risks from continuous monitoring solutionsMaintain the Azure Governance Policy repositories and pipelinesDesign and build internal cloud-based tools to automate security as part of DevOps cycleMaintain current and relevant knowledge of policy management, cloud computing, cloud vulnerabilities, and best practicesHelp drive Cloud Security Practices in IaaS/ PaaS and SaaS implementations.Conduct cloud security assessments to identify areas of risk and ensure any gaps are remediatedCollaborate with application development teams for remediation of policy compliance via automated pipelinesUse build and deployment processes (CI/CD) to promote code to staging and production environments. Preferred Knowledge/Skills5+ years of experience in Cloud and or information security fieldCloud platform certifications such as Microsoft, Google, Amazon Web ServicesProficiency in scripting programming languages - ARM Templates, JSON, PowerShell, Python, YAMLData Modeling, Cleaning, Normalizing and Visualization experience. Cloud security configuration experience - (Load Balancer, Security Groups, CASB, Key Management)Experience with version control systems VSTS and Visual code, Azure DevOpsExperience with Linux and Windows Operating Systems administrationIT and Security management best practice (ITIL, COBIT, ISO standards)Experience with cloud platform security policy managementExperience in administration/management of continuous monitoring solutionsUnderstanding of container security and orchestration concepts and best practicesExperience in writing and maintaining risk assessment reports (RARs) and plans of action and milestones (POAMs) for systems hosted in the CloudExcellent verbal and written communication skills to deliver and present documentation, reports, architecture, and findings.Desired Certifications / SkillsISC2 CCSP Certified Cloud Security ProfessionalITIL Certification(s)Experience building infrastructure and platforms using Azure Resource Manager, HashiCorp tooling (Terraform, Packer, Vault)Familiarity with security frameworks CSA, NIST, CIS, PCI DSS, etcAptitude & willingness to build skills to identify and assess cloud security vulnerabilities and risksAbility clearly explain security/compliance risks and recommended remediationDemonstrated experience in creating reporting & metrics using Excel (i.e. pivot tables), and SplunkExperience in defending attacks utilizing Information Security technologies, including web application firewalls, anti-DDoS technologies, advanced anti-malware solutions, and network forensics and visibility solutions