Cloud Security Engineer

Job Description

Summary of Position

As a member of the Starz DevOps team, the Cloud Security Engineer will focus on AWS Cloud Security best practices around implementation and management of the Starz enterprise cloud infrastructure. To be considered, you must have experience with securing Production workloads running on AWS cloud using IaC methodology, scripting skills, and automated build pipelines, as well as possess knowledge on AWS Best Practices and AWS Well-Architected framework. You should hold AWS Security Specialty Certificate, or be able to achieve one within 6 months of employment.

Responsibilities
• Design, architect and implement cloud infrastructure per AWS Well-Architected framework with Security in mind and SecDevOps mentality

• Provide guidance to developers and other technical stakeholders on AWS Security and educate members on their responsibility around Security

• Document systems architecture, configuration & deployment plans with Security aspects in mind

• Construct and maintain SecDevOps CI/CD Pipelines using Terraform, Bamboo, Jenkins, and/or AWS Code Pipeline tooling

• Be efficient in scripting languages and capable of writing gluing code for cloud automations

• Establish, document and follow security practices for applications running in the Cloud

• Direct junior team members activities, evaluating risk and participating in code reviews while mentoring on both AWS Services and Security

• Fine tune Security alerts and respond to Security incidents

• Troubleshoot production issues and perform on-call duties for a variety of AWS implementations

Qualifications & Skills
• Bachelor's degree with an emphasis in Computer Science, Computer Information Systems, or similar discipline, or equivalent combination of education and experience.

• 5+ years' experience in AWS Cloud architecture.

• 7+ years' experience of experience working in Linux and Windows environments

• Must have deep knowledge on AWS IAM & KMS services

• Knowledge of TCP/IP networking, SMTP, HTTP, load-balancers and VPC's

• Experience with AWS EC2, S3, Beanstalk, CloudFront, Route53, Lambda.

• Experience scripting one or more of the following Python, Typescript, PowerShell, PHP, or NodeJS

• Familiar with SDLC (Software Development Life Cycle) processes

• Experience with centralizing, querying, and setting up alerts based off AWS CloudTrail, AWS Config, and VPC Flow Logs

• Experience with IDS & IPS tools

• Experience using enterprise logging applications (Splunk)

• Experience with Container services (Docker)

• Experience with high availability architectures (AWS Multi-AZ/Multi-region)Experience with build automation and server orchestration (i.e. Bamboo, Terraform, Jenkins, Puppet, Chef, Cloud Formation)

• Strong knowledge of recent Windows Server versions

• Strong knowledge of Linux (Ubuntu, RedHat, Amazon Linux and CentOS)

• Experience working with agile development methodology.

• Strong written and verbal communication skills.

• Be able to openly collaborate and communicate in a cross functional organization.

• Ability to mentor junior members of the team

• Self-motivated, able to self-prioritize, and able to deal with ambiguity.

Nice to Haves
• Experience coding in one or more of the following languages Python, TypeScript, Java, .NET, GO

• AWS API Gateway, ECS Fargate, Kubernetes

• Experience with AWS Security Hub

• Experience with Amazon Athena, GuardDuty, TrustedAdvisor, Inspector, Macie, Detective, WAF, AWS Advanced Shield, and AWS Network Firewall services

• Experience with AWS Landing Zone or Control Tower

• AWS Security Specialty certified

• AWS Solutions Architect or DevOps Engineer certification

• Certified Cloud Security Professional (CCSP)

• CRISC, CISA, CDPSE, or related certifications

Our Benefits
• Full Coverage – Medical, Vision, and Dental

• Work/Life Balance – generous sick days, vacation days, 11 holidays, and Impact Day

• 401(k) company matching

• Reimbursement – Rideshare Program and Tuition (up to graduate degree)

Compensation

$109,000 - $172,400

EEO Statement

Nearest Major Market: Denver

Jobcode: Reference SBJ-d2yq65-18-217-144-32-42 in your application.