Cloud Security and Access Control Engineer
Overview The successful candidate will be a subject matter expert with hands-on experience with cloud technologies, tools and methodologies with a particular focus on Microsoft Azure. The role is suited for an experienced Cloud Engineer with proven understanding in enterprise security and will focus on building tool sets and processes to support Navy’s Cloud program. Navy’s Cloud Organization fosters a collaborative environment and is building a best-in-class Cloud program that protects Navy Federal information and cloud compute environments. Responsibilities
Contribute to the vision, strategy, and drive execution for integrated security controls across Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), Infrastructure-as-a-Service (IaaS) for Navy’s Azure environment.
Able to demonstrate clear understanding of current risks and threats to Cloud infrastructure and/or IT infrastructures at technical and manager audiences.
Drive Identity and Access Management (IAM), configuration management, and monitoring strategy for Azure.
Provide security consultancy and engineering support for cloud security solutions including analysis and development of Azure and other security solutions.
Provide architecture assurance on Cloud security initiatives and compliance of existing security standards interfacing with infrastructure and development teams.
Maintain the security infrastructure tools that are built on the Cloud platform, providing stability and policies and procedures.
Support the development and delivery of a comprehensive ISP for the entire organization.
Develop and maintain documentation of all Security products including specific tools, technologies and processes.
Participate in Information Security Incident Response activities for the NFCU’s environment.
Respond to security vulnerabilities identified through periodic and on-demand system audits and vulnerability assessments of Cloud services.
Monitor compliance with the organization's information security policies and procedures among employees, contractors and third parties.
Manage remediation efforts for any gaps reported in audits or recommended process improvements.
Actively monitor new and emerging cloud security technologies, trends, issues, and solutions and assess their applicability to Navy Federal’s cloud strategy.
Qualifications
BS Degree in Computer Science, Information Technology, or similar field or study required.
Hands-on experience with Access control technologies such as Azure AD B2C; SAML SSO, oAuth 2.0 configuration, set-up and operations management.
Experience with certificate management for IaaS and PaaS elements.
Experience with Azure AD, Azure Resource Management Templates and Azure policies.
Experience with Azure Key Vault integration and key management.
Experience with VSTS release management for Azure Key Vault and other IaaS and PaaS elements.
Hands-on development and scripting skills in PowerShell 5.
7+ years’ experience working in a technical role with a minimum of 3 years’ experience focused on information security and access control.
Experience with Microsoft Defender for cloud.
Experience with Microsoft defender for cloud Apps and Defender for endpoints.
Experience with Azure Devops permission management and overall governance.
Experience with Azure conditional Access and Privileged Identity Management PIM.
Experience with Azure Identity Governance.
Understanding of encryption options in Azure such as CMK with DES and TDE.
Working knowledge of App registration management and enterprise Applications.
Strong knowledge of information security and access controls.
Industry certification (CISSP, CISA, CISM, CEH) of high interest.
Financial industry experience preferred.
Experience with Sentinel and Azure Purview.
Hours: Monday - Friday, 8:00AM - 4:30PMLocation: 820 Follin Lane, Vienna, VA 22180 | 5510 Heritage Oaks Drive Pensacola, FL 32526 | 141 Security Drive Winchester, VA 22602 | 9999 Willow Creek Road San Diego, CA 92131About Us Navy Federal provides much more than a job. We provide a meaningful career experience, including a culture that is energized, engaged and committed; and fierce appreciation for our teams, who are rewarded with highly competitive pay and generous benefits and perks. Best Companies for Latinos to Work for 2024 Computerworld® Best Places to Work in IT Forbes® 2024 America's Best Large Employers Forbes® 2023 The Best Employers for New Grads Fortune Best Workplaces for Millennials™ 2023 Fortune Best Workplaces for Women ™ 2023 Fortune 100 Best Companies to Work For® 2024 Military Times 2023 Best for Vets Employers Newsweek Most Loved Workplaces Ripplematch Campus Forward Award - Excellence in Early Career Hiring Yello and WayUp Top 100 Internship ProgramsFrom Fortune. ©2024 Fortune Media IP Limited. All rights reserved. Used under license. Fortune and Fortune Media IP Limited are not affiliated with, and do not endorse products or services of, Navy Federal Credit Union.Equal Employment Opportunity: Navy Federal values, celebrates, and enacts diversity in the workplace. Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans. EOE/AA/M/F/Veteran/Disability EOE/AA/M/F/Veteran/DisabilityHybrid Workplace: Navy Federal Credit Union is a hybrid workplace, and details will be discussed during your interview process.Disclaimers: Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position. Job postings are subject to close early or extend out longer than the anticipated closing date at the hiring team’s discretion based on qualified applicant volume. Navy Federal Credit Union assesses market data to establish salary ranges that enable us to remain competitive. You are paid within the salary range, based on your experience, location and market positionBank Secrecy Act: Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.REQNUMBER: 21290-OTHLOC-100005087415542