As a Sr. Security Engineer focused on Cloud Security, you will work on highly impactful security efforts in the art and science of Cloud/AWS security and defense. Working closely with our V.P. Security Engineering, you will help design, develop, and implement infrastructure security policies and employ the right technologies to monitor adherence to them. You will play a key role in defining next generation security architecture and solutions in the AWS cloud environment and provide security capabilities related metrics for executive level dashboards. You will provide direction in the Cloud/AWS space; design and implement cloud security solutions for a variety of critical initiatives through identification, analysis, evaluation, management, and adoption of technologies applicable to AWS.
Key day to day responsibilities and objectives you would have
- Leading, developing, implementing, and contributing to the security posture of Ellie Mae’s data center infrastructure, cloud architectures, and solutions
- Development, implementation, and lifecycle management of AWS security solutions; requirements, specifications, standards, design patterns, and roadmaps.
- Using a strategic point of view while implementing solutions
- Help guide business units to design & implement the correct security solutions
- Work within Cybersecurity and across multiple business teams to review and evaluate systems and network security solutions for enterprise and business use
- Able to automate the security toolkits with automation tools
- Execute threat modeling methodologies on applications and use the results to drive appropriate infrastructure security implementations and take current solutions to the next level
- Show significant proficiency in cybersecurity design and engineering experience in networks, data center security, cloud infrastructure and platforms (IaaS and PaaS); AWS security solutions for Identity, detective control, infrastructure security data protection, and incident response.
- Experience with the following security technologies and capabilities: Identity: AWS IAM, Directory services, secrets manager, Cognito; Detective control: Cloud trail, CloudWatch, VPC Flow logs, Guard Duty; Infrastructure security: AWS EC2 systems manager, Shield, WAF, Inspector, VPC ; Data security: AWS KMS, Cloud HSMs, Macie, Certificate manager ; Incident response: Config rules, Lambda
- Cloud SIEM and vulnerability management
- Cloud security automation and testing
- Integrating AWS security partner technologies including Evident.IO, Splunk, SumoLogic, Palo Alto Networks, Trend Micro, Gemalto, Vormetric, etc.
- Regulations such as FFIEC and PCI-DSS; standards such as NIST and CSC controls
- Good understanding of SSDLC processes and follows them to effectively