The responsibilities of the Cloud Security Engineer encompass collaborating with other DevOps and SysOps teams to transition public-facing, on-premise applications to the Cloud; securing the configuration management of the Cloud infrastructure; mitigating risks, and applying security controls to improve visibility and diagnostics in compliance with governing Federal requirements and security best practices.
Developing and deploying infrastructure as a code scripts to implement and optimize security controls and mechanisms of a cloud infrastructure including initial and ongoing configuration of related automation and administration.
Acting as the subject matter expert for cloud security and associated tools such as SIEM, access control mechanisms, IDS/IPS.
Monitoring Cloud infrastructure and proactively mitigate potential incidents before service degradation occurs.
Providing guidance to our DevOps teams developing on public Cloud platforms, advising on security standards for Cloud deployment, and working to identify common patterns for template provisioning.
Conducting assessments of security controls for new and existing cloud systems; creating and maintaining as-built system documentation, architecture diagrams, and online collaborative documentation such as Wiki. Determining security modes of operation and recommending new or revised security measures and countermeasures for current security challenges.
Required Skills Required Experience