Principal Security Analyst – Cloud Security

About the job

Equal Opportunity Employer: Minority/Female/Disability/Veteran WM a Fortune 250 company, is the leading provider of comprehensive waste and environmental services in North America. We are strongly committed to a foundation of operating excellence, professionalism and financial strength. WM serves nearly 25 million customers in residential, commercial, industrial and municipal markets throughout North America through a network of collection operations, transfer stations, landfills, recycling facilities and waste-based energy production projects. To enable our business to expand our lead in a market increasingly enhanced by technology, Waste Management is undertaking a substantial technology transformation. We are seeking talented Information Technology professionals to join the Waste Management team who are motivated to help us transform the way we design, build and use technology. With your skills and experience, we look for you to combine your technical expertise with industry best practices in an effort to align information technology solutions with Waste Management business strategy. I. Job Summary The AWS Security Engineer will be responsible for designing and delivering security solutions in Cloud infrastructure based on Cloud security standards, governance, and control practices. Conducts technical research when necessary to contribute to setting cloud security direction and strategy. Assists others on own team, or other teams where applicable, on cloud security projects or security-relevant tasks on technical projects. Expert Knowledge in Information as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). Experience in scripting languages like Python, Unix Shell (bash/ksh), etc would be a great plus. Strong Communication skills is a must. II. Duties and Responsibilities To perform this job successfully, an individual must be able to perform each duty satisfactorily. Other ancillary duties may be assigned.

• Serve as the Subject Matter Expert for a collection of critical cybersecurity technologies, possessing the highest level of expertise in the design, deployment, maintenance, and remediation of those technologies
• Provide expert-level support to teams deploying applications into AWS platforms from ideation to deployment
• Provide recommendations to improve the architecture and operational processes around cloud computing at WM, and follow through with scripting and the use of native technologies to optimize the environment
• Experience and strong working knowledge of cloud computing technologies such as AWS and Azure
• Ability to script and automate mundane tasks using tools such as Python and native functionality (CloudFormation)
• Expert-level debugging skills, including the ability to analyze common markup languages such as XML or JSON
• Experience and strong working knowledge of managing security infrastructure (e.g., including MicroFocus ArcSight, Palo Alto Firewalls, FireEye HX/NX/EX, Fortinet Firewall and NAC solutions.
• Create process documents for operations, maintenance and integrating output from these tools into daily security operations. Architectural and Security review: Able to review/create Architectural diagrams for best practices taking into consideration the best use of resources, expense and security concerns.
• Automation – Identify opportunities for automation with the AWS environment utilizing tools such as Python3, Bash, PowerShell, Lambda, CloudWatch and SSM.
• Mentors and fosters the growth of peers and team members.
• Off hours support required due to the 24×7 nature of this team.

III. Supervisory Responsibilities Will coach and mentor less experienced analysts and act as team leader on more complicated systems projects. IV. Qualifications A. Education and Experience

• Education: Bachelor’s Degree (accredited) in Computer Science, MIS, Business Administration or similar area of study or in lieu of degree, High School Diploma or GED (accredited) and four years of relevant work experience.
• Experience: Seven years of prior work experience (in addition to education requirement).

B. Certificates, Licenses, Registrations or Other Requirements One or more of the following is required:

• Certified Information Systems Security Professional (CISSP).
• Certified Information Systems Auditor (CISA).
• Certified Information Security Manager (CISM).

C. Other Knowledge, Skills or Abilities Required May require technically advanced or in-depth skills in one or more of the following:

• Ability to create and deliver presentations targeted to either end users or senior management.
• Highly technical across a broad range of computing platforms and network protocols.
• Experience in several or more of the following technologies: Firewalls, Intrusion Prevention, Vulnerability Scanning, Email Security, Endpoint Security, DNS, and SIEM
• Understanding and experience with IP address space management, subnetting, name resolution, and directory service protocols.
• Familiarity with key security models and regulations such as ISO 2700X, SOX and PCI.

V. Work Environment Listed below are key points regarding environmental demands and work environment of the job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the job. Normal setting for this job is: Office setting Benefits

At WM, each eligible employee receives a competitive total compensation package including Medical, Dental, Vision, Life Insurance and Short Term Disability. As well as a Stock Purchase Plan, Company match on 401K, and more! Our employees also receive Paid Vacation, Holidays, and Personal Days. Please note that benefits may vary by site. If this sounds like the opportunity that you have been looking for, please click “Apply.

Primary Location

United States-Texas-Houston

Flexible Work Location Acceptable

Work Remotely

Shift

Day

Travel

Yes, 10 % of the Time

FLSA Status

Exempt

Job

Digital