Design, manage, support, and implement cloud security policies, services, and projects.
Provide architectural security guidance in compliance with industry standards (HIPAA, NIST, CIS) for public cloud environments.
Review and provide security-significant feedback on designs and proposed changes submitted by others within the organization.
Frequently communicate and present technical data to audiences with varying levels of technical knowledge.
Frequently communicate with and present to upper management.
Manage cloud firewall, DLP, and vulnerability scanning technology.
Support L1 in resolving cloud-security related issues and follow/improve documented Incident Response playbooks
Research new technology and assist in proof-of-concept testing.
Document security standards and processes.
Work with other internal BMC Security / infrastructure teams to remediate vulnerabilities and other security issues.
Contribute to design decisions for new technology or existing technology being used in a new way.
Coordinate findings remediation of known vulnerabilities within the organization’s cloud presence.
Assist in the education of the workforce on security topics through training and awareness opportunities.
Provide less experienced security engineers with feedback and guidance on projects and skills development.

Requirements

Bachelor’s degree in Computer Science, Engineering, or related discipline; equivalent experience acceptable
CCSP, CISSP, CEH, Security+, or other security related certifications preferred
3+ years of experience managing information security in a public cloud environment (AWS, Azure, GCP)
Strong, demonstrated AWS expertise required
4+ years of experience in information security
7+ years of experience in IT (information technology), preferentially with development, network, or systems administration experience
Healthcare domain knowledge and working in regulated environments is a plus (HIPAA, HITRUST, SOC2, PCI-DSS)
AWS Certifications, Architect Associate or Professional required.
Expert-level knowledge of AWS GuardDuty, Security Hub, Macie, Inspector, Trusted Advisor
Knowledge of Edge protection technologies such as AWS Shield, WAF, CloudFront
Strong working understanding of Identity and Access Management (IAM) and SSO Integration via Active Directory (Azure AD / ADFS)
Experience working in organizations with top level Control Tower or Landing Zone Accelerator (SCP’s, Guardrails, Config Rules, etc.)
Experience with monitoring systems such as CloudWatch / VPC Flow Logs and other industry standard visibility platforms (Splunk, DataDog, Dynatrace, New Relic, etc.)
Experience with Logging and log monitoring (CloudWatch and CloudTrail) both for security and compliance efforts
Proficiency with one or more scripting languages (python, json, yaml, bash, etc.)
Proficiency with Infrastructure as Code (IaC), including CloudFormation and/or Terraform
Understanding of CI/CD on AWS platform
Expert knowledge of AWS network and security features (VPC, Security Groups, NACLs, ALB/NLB, Transit Gateway, etc.)
Experience supporting applications with native services and serverless architecture (Lambda) on AWS platform
Strong understanding of high availability solutioning (multi-AZ / regions, Backup) and how security fits into this model
Demonstrated history of moving mission-critical applications from the data center to AWS
Ability to effectively adapt to rapidly changing technology and apply it to business needs.

Benefits

health insurance
dental insurance
vision insurance
generous total compensation
paid time off
career advancement opportunities

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cloud securityAWS expertiseinformation securityscripting languagesInfrastructure as CodeCI/CDvulnerability scanningidentity and access managementcloud firewall managementincident response

Soft Skills

communicationpresentationfeedbackguidancetrainingcollaborationproblem-solvingadaptabilityorganizational skillstechnical writing

Certifications

CCSPCISSPCEHSecurity+AWS Architect AssociateAWS Architect Professional