CNAPP Security Engineer
GuidePoint Security
full-time
Posted on:
Location: District of Columbia • 🇺🇸 United States
Visit company websiteJob Level
Mid-LevelSenior
Tech Stack
AWSAzureCloudCyber SecurityGoogle Cloud PlatformJenkinsKubernetesMicroservicesPythonTerraform
About the role
- Perform implementation of CNAPP and CSPM tools in multi-account AWS and Azure environments.
- Implement IaC scanning tools within the CI/CD Pipelines.
- Develop Infrastructure as code in Cloud Formation or Terraform.
- Develop custom control checks within CNAPP Platforms using JSON, REGO, or Terraform.
- Analysis – identifies and evaluates potential threats and vulnerabilities to the public cloud environments network, applications, infrastructure, and systems.
- Issue Resolution – lead the resolution of identified issues in public cloud environments (Vulnerabilities, Compliance, Cloud Entitlements, Secrets, IaC).
- Deep understanding of Kubernetes and microservices security best practices.
- Perform container registry scanning.
- Review and create metrics, KPIs, and KRIs to track overall cloud security posture.
- Create, maintain, and update runbooks for cloud configuration checks.
- Assess the overall security posture of cloud security infrastructure and workloads.
- Advise customers on Cloud security best practices.
Requirements
- At least 3 years of experience working in Cloud Security with Amazon AWS, Microsoft Azure, or GCP
- Experience with Cloud Security tools like: Wiz.io, Orca, Lacework, Trivy, Aqua, Ermetic or Prisma Cloud
- Experience with integrating tools into development pipelines such as Azure DevOps, Jenkins, Etc.
- Understanding of a broad range of Cloud Security issues as well as their mitigation strategies
- Understanding of Cloud Security-related vulnerabilities
- Experience developing code in Terraform, Python, PowerShell, Rego, and other languages.
- Written communication skills for written interactions with clients
- Strong communication skills include articulating thoughts and refining complex problems into digestible information clearly.
- Ability to manage time independently while handling multiple projects concurrently.
- Bachelor’s degree in computer science or information Security preferred
- Cloud Security certifications are preferred.