About the job
What we need:
As Sr. Engineer of Cloud Security at Cetera, you will be responsible for the security of our cloud-based systems, applications, and data. You will work with our engineering and operations teams to design and implement security controls and processes that protect our data and meet compliance requirements. You will also be responsible for investigating and responding to security incidents. The ideal candidate will have experience with cloud security, application security, network security, and security compliance. They will also be able to effectively communicate complex security concepts to non-technical staff.
What you will do:
- Acts as the senior technical representative for enterprise security while engaging with other senior technical leaders throughout the organization in the design and implementation of cloud and cloud/hybrid-based implementations and solutions.
- Drive the security standards and tool strategies for public and private cloud solutions.
- Conduct technology assessments to establish and validate an enterprise security baseline and establish a technical direction.
- Set technical standards for Cloud infrastructure, containers, security baselines, policies, and procedures.
- Develop and implement security controls for various cloud infrastructure providers.
- Analyze security configurations and provide vulnerability reports.
- Provide subject matter expertise on, and conduct in-depth security reviews of, new OS, database, middleware, solutions as they are identified for use.
- Automate security testing and auditing to prevent regressions and catch issues before they reach production.
- Codify traditional security processes to take humans out of the equation making security consumable as a service.
- Provide security expertise on system, network, encryption, authentication, and governance.
- Provide hands-on support to the IT security systems administration, incident response team, and architecture development team, including monitoring and capacity planning.
- Ensure our cloud environments comply with industry-standard security benchmarks.
- Support the regulatory compliance initiatives, processes, and documentation for ISO, NIST, CSA, PCI, SOC2, etc.
- Develop scripts and automation to scale and accelerate the implementation and audit of security configurations, risks, and assessments.
- Review modern technologies and products for security implications.
- Advise, influence, and educating the rest of the company on matters of compliance and security.
- Design, develop, and implement new cloud security technologies to support business and technology solutions.
- Assess and understand the company‘s current security posture and future architecture, providing a viable solution path to bridge the gap.
- Research and architect solutions to solve security and compliance requirements.
- Assist the Cloud Network team in performing security design, analysis, and recommendation for a wide variety of IT systems and technologies.
- Research and stay up to date on the latest security threats and trends.
- Monitor and validate compliance with security policies and procedures.
- Interactions, document requests, and walkthrough meetings with auditors and regulators when needed.
- Participate on automation of incident prioritization, false positives identification, correlation, vulnerability remediation.
What you need to have:
- Bachelor’s Degree or equivalent and at least 3 years of relevant experience
- 5+ years in information security, with at least 3 years of cloud security related responsibilities
- Knowledge of and experience with cloud security services and engineering, including public, private, and hybrid models
- Experience with cloud services and ability to identify the pitfalls and potential security problems with traditional cloud deployments.
- Experience with DevOps or other agile methodology
- Experience with containerization technology, such as Docker and Kubernetes
- Familiarity with big data security solutions
- Experience with scripting languages (e.g., Python, Java, Perl)
- Experience with load balancing using edge nodes.
- Experience working in Networking and with Unix / Linux Servers
- Experience with authentication protocols (i.e., SAML, WS-FED, OIDC / OAuth 2.0)
- Experience with Windows, AWS/Azure Cloud, O365, and Linux/UNIX environments
- A commitment to security best practices
Really catch our eye with:
- Experience with mergers and acquisitions (M&A) access and integration activities is a plus.
- Experience with DLP, CASB, Zero-Trust, and SOAR solutions is a plus.
- Excellent verbal and written communication skills are desired.
- Strong project management skills are a plus.
- Knowledge of and/or experience with industry leading security tools is a plus.
- Distributed systems and cloud services experience is desirable, experience with fuzzing frameworks and exploitation frameworks (such as Metasploit, etc.) is preferred.
- Security and/or advanced networking certifications (i.e., CISSP, CISM, GIAC SANS, AWS, CCIE, CCNP, etc.) is a plus.
The salary range for this role is $165,000 – $185,000, plus competitive performance-based bonus. Compensation packages are based on a wide array of factors unique to each candidate, including but not limited to skill set, years and depth of experience, certifications, and specific office location. Compensation ranges may differ in differing locations due to cost of labor considerations.
What we give you in return:
Not many teams can say that they support people’s dreams coming to life… We happen to do that every day. And as important as we know your career is, we recognize that there’s a whole lot more to life. To ensure that our Employees can make the most of their time outside of working hours, we offer a competitive salary and benefits package inclusive of:
- Health, dental, vision and life insurance plans built to support healthy lifestyles, offer preventative care, and protect against hardship
- 20 days of paid time off (PTO), paid holidays, and 2 days of paid volunteer time off (VTO) to give our employees the time they need to stay close with their loved ones, recharge, and give back to their communities
- 401(k) Savings plan with a generous company match (up to 5%), and access to a financial professional to offer our employees the opportunity to plan-ahead for a strong financial future well beyond their working years
- Health Savings and Flexible Spending Account options to help you save money on healthcare, daycare, commuting, and more
- Employee Assistance Program (EAP), LifeLock, Pet Insurance and more
Cetera is committed to providing a safe and healthy work environment for all employees. As part of this duty of care, Cetera will periodically review our policies and procedures and may update these to ensure fulfillment of our commitment. We strive to follow both CDC and local guidance, and, as such, there may be specific requirements within our sites which will be provided to you prior to your start date.
About Cetera Financial Group:
Cetera Financial Group® (“Cetera”) is a leading network of independent retail broker-dealers empowering the delivery of objective financial advice to individuals, families and company retirement plans across the country through trusted financial advisors and financial institutions. Cetera is an independent financial advisor network and a leading provider of retail services to the investment programs of banks and credit unions.
Through its multiple distinct firms, Cetera offers independent and institutions-based advisors the benefits of a large, established broker-dealer and registered investment adviser, while serving advisors and institutions in a way that is customized to their needs and aspirations. Advisor support resources offered through Cetera include award-winning wealth management and advisory platforms, comprehensive broker-dealer and registered investment adviser services, practice management support and innovative technology.
“Cetera Financial Group” refers to the network of retail independent broker-dealers encompassing, among others, Cetera Advisors, Cetera Advisor Networks, Cetera Financial Institutions, Cetera Financial Specialists, and First Allied Securities.
Cetera Financial Group is committed to providing an equal employment opportunity for all applicants and employees. For us, this is the only acceptable way to do business. Accordingly, all employment decisions at the Cetera Financial Group, including those relating to hiring, promotion, transfers, benefits, compensation, and placement, will be made without regard to race, color, ancestry, national origin, citizenship, age, physical and/or mental disability, medical condition, pregnancy, genetic characteristics, religion, religious dress and/or grooming, gender, gender identity, gender expression, sexual orientation, marital status, U.S. military status, political affiliation, or any other class protected by state and/or federal law.
Agencies please note: this recruitment assignment is being managed directly by Cetera’s Talent Acquisition team. We will reach out to our preferred agency partners in the rare instance we require additional talent options. Your respect for this process is appreciated.
- Salary Offer $165,000/yr - $185,000/yr
- Address USA (Remote)
- Experience Level Senior
- Total Years Experience 5-10