Security Engineer

Job Title: Security EngineerLocation: Allentown PA - Pennsylvania Job Description: Job Title: Azure Cloud Security EngineerLocation: Allentown, PAIs remote option available during COVID: Yes Role Description:The Cloud Security Engineer provides cyber security expertise in the analysis, assessment, development, and evaluation of security solutions and architectures to secure applications, operating systems, databases, and networks. Additionally, the Cloud Security Engineer assists in the development of cyber security requirements, conducts security risk assessments, evaluates security services and technologies, and reviews and documents information security policies and procedures as well as provides monitoring and oversight for alerts in this environment.Key Responsibilities:1. Experience with IT and cybersecurity architecture across the systems development lifecycle in cloud security engineering, requirements development, implementation, and maintenance.2. Serves as the subject matter expert (SME) on Cloud Security, Develops standards, policies and procedures as well as best practices documentation.3. Participate in efforts that tailor the company’s security policies and standards for use in cloud environments4. Translate security and technical requirements into business requirements and communicate security risks to different audiences ranging from business leaders to engineers.5. Propose and/or design technical solutions, which include creating prototypes and proofs of concept while maintaining a security mindset6. Lead and influence multi-disciplinary teams in implementing and operating Cyber Security controls.7. Work closely with application developers and database administrators to deliver creative solutions to complex technology challenges and business requirements.8. Provides Info security architecture & systems engineering consulting to other IT and business teams.9. Automate security controls, data and processes to provide better metrics and operational support10. Experience with Identity and Access Management architectures and solutions, including Azure Active Directory management, role-based access control, SSO, MFA, and identity lifecycle management.11. Utilize cloud-based APIs when appropriate to write network/system level tools for securing cloud environments12. Stay current on emerging security threats, vulnerabilities, and controls.13. Identify and implement new security technologies and best practices into Cloud offerings14. Evaluates new technologies against established requirements and validate the security of the technology.15. Create technical and managerial level reports and risk assessments for Cloud based applications and infrastructure16. Identify processes/procedures for how to handle a cloud security event, including forensic isolation and mitigation with Digital Forensics and Incident Response (DFIR/IR) teams17. Supports the monitoring and maintaining network security suite of tools.18. Identify new security threats by conducting continual monitoring, penetration testing, vulnerability assessments and log analysis19. Engineering design, test and implementation of secure and reliable network connectivity user the zscaler suite of products and CyberArk.20. Migration from legacy VPN connectivity to Zscaler for the targeted users group.21. Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc).22. Experience with Azure Resources deployment and Azure Policy23. Own the complete security controls baselines for multiple Azure Tenants, Subscriptions, and Resources.24. Apply a risk-based approach to anticipate the need to add/update Azure security controls leveraging security expertise, partner feedback, industry trends, and other data insights. Continuously assess the baseline security control’s effectiveness.25. Extract logs from Azure Log Analytics, Activity logs etc. Qualifications:• 10+ years of IT Experience• 5+ years’ experience building and integrating systems in cloud environments• Cloud environment knowledgeo Networking Virtual networks (addressing and interconnectivity), access controls (security groups and ACLs), endpoint services, address translation, application and network load balancing, API gatewayso Identity and Access Management Users, groups, roles, service principalso Compute and Serverless Virtual machines (type selection, backups, image creation/management, performance scaling), serverless functions and event bridgingo Storage Table, containers, block storage and file shares (versioning, encryption, performance optimization, lifecycle management, access logging)• Scripting and/or programming skills• Proficiency with Windows and Linux Operating Systems• Proficiency with accessing APIs to complete tasks or achieve automation• Knowledge of cloud providers (Azure Cloud Platform)• Zscaler, CyberArk, Sentinel• Knowledge of HTTP and web programming• Knowledge of CloudFormation Templates, Terraform, Ansible• Knowledge of secrets management and vaulting technologies• SQL or other query languages• Log analysis software and techniques• Familiarity with Agile and other project methodologies• CISSP Certification is desirable but not required• Azure Security certificationg jewelATsierrasoln.com