- Provide SME support for new and existing Cloud initiatives security systems for network/ application / database; providing technical support as needed on-perm and cloud.
- Maintain enterprise information security policies, technical standards, guidelines, and procedures necessary to support information security in compliance with established company policies, regulatory requirements, and generally accepted information security controls.
- Work with engineering and operation teams to implement threat detection signals, deploy new tooling, and improve response capabilities.
- Develop and review policies related to network security infrastructure including and not limited to Routing, Switches, NAC and Firewalls.
- Assist the regulatory team during audits and proactively identify methods for automation of evidence collection.
- Write testable and readable code in shell and python and understand provisioning tools such as Terraform, Ansible and Cloud formation.
- Create requirement and design documents that account for security risks in new or existing systems with architectures to mitigate them within company risk appetite.
- Develop, automate runbooks for security operations and compliance control automation.
- Develop automation and utilize frameworks to scale both protection and mitigation tools.
- Collaborate with IT staff, architecture and business units to assess risk and address security issues
- Provide expertise and guidance surrounding cyber related issues while recommending solutions that mitigate and eliminate risk.
- Ensure that controls are in place and managed properly to meet corporate, legal and regulatory compliance on all network and system infrastructures
- Document security processes, standards, technical documents and SOPs addressing the setup, operations and support of technical infrastructure.
- Assist in the creation of a defense in depth security model across multiple cloud providers.
- Build, design, develop, deploy, and support security software/tools that deliver security functionality and improve security efficiency and capabilities through automation.
- Ensure enterprise security best practices are followed across AWS, and GCP cloud platforms.
- Define security requirements and reviews systems to determine if they comply with established standards and develops new standards as necessary
- Validate and test security architecture and design solutions to produce detailed engineering specifications, recommend vendor technologies where applicable.
Skills, Abilities, Experience & Qualifications
- BS in Computer Science, Information Security, or minimum 7 to 10 years of experience in the IT industry and at least 5 years of experience in Information security engineering.
- Strong understanding of networking Infrastructure
- Relevant industry certifications such as AWS, GCP, CISSP and SANS/GIAC.
- Strong knowledge of regulatory standards or control frameworks that govern Information Security practices such as NIST, ISO, SOX, PCI, and state and federal privacy laws.
- Excellent understanding/working knowledge of the public cloud infrastructure and services in GCP and AWS (IAM, VPC, KMS, CloudWatch, Cloud operations, S3, Cloud Storage, etc.)
- Experience building and securing infrastructure as code using CloudFormation, Terraform, Ansible, SAM and/or similar tools.
- Working experience in creating DevSecOps pipelines using Jenkins.
- Fluency with one or more scripting/coding languages (e.g. bash, Python);
- Knowledge of enhancing security on AWS and GCP preferred.
Work Environment, Physical & Mental Demands
- Ability to sit and work at a computer keyboard for extended periods of time
- Ability to stoop, kneel, bend at the waist, and reach on a daily basis
- Able to lift and move up to 25 pounds occasionally
- Must utilize visual acuity, speech and hearing, hand and eye coordination and manual dexterity necessary to operate a computer and office equipment
- Hours regularly exceed 40 hours per week
Work Locations: 01099I IT Dept. 6380 Rogerdale Rd Houston 77072
Job: Information Technology (IT)
Organization: Tailored Shared Services
Shift: Day Job