Salary
💰 $110,000 - $140,000 per year
Tech Stack
Cloud, Cyber Security, Kubernetes, Linux, Python
About the role
- Perform comprehensive reviews of security events aggregated from multiple log sources, including endpoint protection tools, email gateway, web gateway, cloud-based products, and SIEM.
- Conduct in-depth investigations of security alerts and issues affecting Windows, Mac, and Linux end-user devices and Windows and Linux servers. This may involve direct access to systems for forensic analysis, troubleshooting, and validation of potential threats.
- Work closely with other departments to assess security incidents and vulnerabilities, providing actionable recommendations to improve the security posture and reduce risk.
- Maintain and administer security tools to ensure optimal performance, accuracy, coverage, and compliance across Vail’s environments.
- Develop and maintain comprehensive security documentation, including standard operating procedures, incident response playbooks, and incident response guides.
- Lead and participate in the coordination of security incident response activities, including participation in an on-call rotation for security incidents.
- Prepare weekly and monthly reports on security metrics, highlighting key findings, emerging threats, and actionable insights.
- Collaborate with team members and senior staff to design, develop, and enhance security tools and automation capabilities.
- Support internal and external audits and ensure adherence to regulatory and industry frameworks, including PCI DSS, HIPAA, SOC 2, NIST, and ISO 27001.
Requirements
- Education: Bachelor’s degree in Computer Engineering, Computer Science, Information/Cyber Security, or a related field.
- Experience: Minimum of 5 years in an Information Security role, with proven ability to prioritize and respond with urgency to security-related issues.
- Core Skills: Proficient in at least four of the skill sets outlined in the responsibilities section above.
- Operating Systems: Hands-on experience with Linux and Windows environments; working knowledge of Linux system administration and bash scripting.
- Programming & Scripting: Experience writing Python scripts to support security operations and automation.
- Networking: Familiarity with networking fundamentals, protocols, and troubleshooting.
- Security Knowledge: Understanding of diverse security risks and their potential business impact.
- Incident Response: Prior experience as a member of an incident response team.
- Cloud & Containerization: Knowledge of on-premises Kubernetes environments.
- Compliance: Familiarity with compliance frameworks, including PCI DSS, HIPAA, SOC 2, NIST, and ISO 27001.
- Certifications: Security or Linux certifications, e.g., CISSP, LFCE, LFCS, RHCSA, RHCE, or Red Hat Certified Specialist in Security: Linux, preferred.
- Rapid7 Platform Experience: Experience using Rapid7 products such as InsightIDR, InsightVM, and Exposure Command to support threat detection, vulnerability management, and exposure reduction initiatives is a bonus.
- Vulnerability Management: Ability to conduct vulnerability assessments, validate identified vulnerabilities, prepare detailed reports for operations and management, and coordinate remediation efforts with relevant stakeholders is a bonus.