Tech Stack
AWS, Cloud, Cyber Security, DNS, EC2, Python, Splunk, Terraform
About the role
- Lead and execute a NIST SP 800-53 Rev 5 moderate-baseline cybersecurity assessment for a multi-account Snowflake deployment on AWS.
- Plan & scope the assessment; facilitate scoping workshops and interviews with IAM, Cloud Security Engineering, SRE, Snowflake DBAs, Network Security, GRC, and other teams.
- Select applicable NIST control baseline and overlays (HIPAA, CJIS, PCI-DSS, FedRAMP Moderate).
- Create detailed assessment plan and schedule; execute security assessment and produce a security assessment report with findings and recommendations.
- Inventory AWS IAM roles, SCPs, KMS key policies, and IAM Identity Center mappings; map to Snowflake RBAC and test separation-of-duties.
- Validate MFA, PrivateLink DNS, key-rotation cadence, IdP claims; inspect column-level encryption, tri-secret strategy, dynamic data-masking, and key management choices.
- Ensure logging & monitoring: validate CloudTrail org-trail + S3 object-lock, Snowflake Access History & Account Usage retention ≥ 1 year; test log integrity and SIEM onboarding (Splunk, Sentinel, Elastic).
- Review network & segmentation: VPC design, Transit Gateway attachments, Security Groups, NACLs, GuardDuty, and PrivateLink endpoint policies; obtain TLS scans.
- Execute vulnerability and configuration reviews; run Inspector & Qualys against EC2 bastions; validate Snowflake parameter drift and Terraform state alignment.
- Verify incident response runbooks for session kill, key rotation, and account failover; evaluate governance, FedRAMP/SOC2/AWS Artifact docs, and third-party vendor controls.
Requirements
- Bachelor's degree in Computer Science, Information Systems, or equivalent; CISSP, CISA, or CISM preferred.
- 8+ years hands-on AWS security; current AWS Security Specialty or Solutions Architect Professional certification.
- 3+ years administering Snowflake Enterprise or higher; SnowPro Core or SnowPro Advanced (Architect) experience preferred.
- Deep knowledge of NIST SP 800-53 Rev 5 controls.
- Proficient with Terraform, CloudFormation, AWS Config conformance packs, and Okta/ADFS SAML claims mapping.
- Demonstrated experience integrating CloudTrail, GuardDuty, Macie, and Snowflake event tables into Splunk/Sentinel.
- Scripting: Python 3, Bash, SnowSQL; familiarity with Snowpark and data-classification UDFs a plus.
- AWS Control Tower & Landing Zone experience.
- Experience with large enterprises and the big tech industry.
- Excellent attention to detail and strong organizational, analytical, documentation, and communication skills.
- Ability to work across different time zones; collaborative team worker; self-starter; liaison between business and information security/IT.