Cyber Command Cloud Security Engineer

Title: Cyber Command Cloud Security Engineer

Client: NYC Agency

Location: New York, NY (Hybrid)

Duration: 12 Months

Work Hours: 35 hrs/week

Description:

• Perform organization wide cybersecurity cloud security risk analysis and articulate identified risks within the agency.

• Create, socialize and obtain approval for cybersecurity strategy and plans to address generic and specific cybersecurity risks to the agency

• Create and follow a process to track progress against engagements with the agency

• Create reporting matrix for identified assessment risk to collect communication flow information, and build high level and low-level documents

• Work on CASB and Cloud DLP, interact with vendor support teams, and drive the deployment to resolution

• Translate compliance requirements into specific security controls and present compensating security controls

• Report to upper management on current cybersecurity posture and progress on mitigating identified risks

• Create metrics to measure cybersecurity controls efficacy

• Monitor and respond to risk identified to aid the agency on resolution

• Review and optimize existing cybersecurity controls

• Ensure the organization compliance with cybersecurity best practices, policies and standards

• Enforce Cloud security standards

• Analyze vulnerabilities and work with the various teams to ensure timely remediation and validation

• Instruct and guide other teams to craft "secure by default" infrastructure; they may also investigate, build, and recommend innovative technologies or other methods that will improve the security of cloud-based and on-premises environments

Requirements:

• Bachelor s degree in computer science, Information Systems or equivalent work experience

• At least 12 years of experience in information security

• At least 8 years in IT infrastructure management, application architecture, risk management, data architecture, middleware technology, and IT operations and project management

• At least 8 years of experience with networking, load-balancing, DNS, TLS/SSL digital certificates, SAML and Single Sign-on technologies, Kerberos, MFA technologies, and Identity management

• At least 4 years of experience working in cloud environment (Azure, AWS, Google Cloud Platform)

• At least 4 years of experience working in securing Internet-facing applications, utilizing MS Entra AD, MS Defender for Office, Skyhigh CASB and Cloud, SSE solutions

• At least 4 years of experience working with tools and techniques for collecting and processing Telemetry and Security Event Data.

• At least 4 years of experience architecting, deploying, and managing cloud security and/or EDR technology

• Experience using scripting languages (Python, Bash, Powershell, etc.)

• At least 4 years of experience with Windows, Linux, or MacOS administration

• Experience working with vulnerability management and scanning tools

• Experience working with application scanning tools

• Strong documentation skills and attention to detail

Desirable Skills:

• Experience deploying PAM solutions in a large, distributed environment or a service provider environment

• Experience in implementing and operating Data Loss Prevention Systems

• Experience of information security principles and practices, especially the implementation of practical technical controls to support organization policy

• Strong understanding of networking protocols, firewalls, and cybersecurity protection concepts, including software development lifecycle, and compensating controls

• Strong understanding of CIS controls

• Experience with Syslog-NG, LogScale (Humio) or similar SIEM/log aggregation systems

• Experience with SSO and IAM products and services such as Entra ID

• Experience with NetSkope, Zscaler, Palo Alto Networks Prisma Access or similar cloud proxies

• Familiarity with ZTNA/SSE products

• Familiarity with CASB/SASE products

• Experience with Cloud-based EDR/XDR tools

• Experience working with vulnerability management and scanning tools

• Experience working with application scanning tools

• Knowledge of endpoint security management, configuration policies, and procedures

• Experience with asset management and on-prem/cloud-based vulnerability management tools

• Highly flexible/willing to learn new technologies

• Highly organized with excellent analytical, problem solving and decision-making skills

• Excellent communication and collaboration skills

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Title: Cyber Command Cloud Security Engineer

Client: NYC Agency

Location: New York, NY (Hybrid)

Duration: 12 Months

Work Hours: 35 hrs/week

Description:

• Perform organization wide cybersecurity cloud security risk analysis and articulate identified risks within the agency.

• Create, socialize and obtain approval for cybersecurity strategy and plans to address generic and specific cybersecurity risks to the agency

• Create and follow a process to track progress against engagements with the agency

• Create reporting matrix for identified assessment risk to collect communication flow information, and build high level and low-level documents

• Work on CASB and Cloud DLP, interact with vendor support teams, and drive the deployment to resolution

• Translate compliance requirements into specific security controls and present compensating security controls

• Report to upper management on current cybersecurity posture and progress on mitigating identified risks

• Create metrics to measure cybersecurity controls efficacy

• Monitor and respond to risk identified to aid the agency on resolution

• Review and optimize existing cybersecurity controls

• Ensure the organization compliance with cybersecurity best practices, policies and standards

• Enforce Cloud security standards

• Analyze vulnerabilities and work with the various teams to ensure timely remediation and validation

• Instruct and guide other teams to craft "secure by default" infrastructure; they may also investigate, build, and recommend innovative technologies or other methods that will improve the security of cloud-based and on-premises environments

Requirements:

• Bachelor s degree in computer science, Information Systems or equivalent work experience

• At least 12 years of experience in information security

• At least 8 years in IT infrastructure management, application architecture, risk management, data architecture, middleware technology, and IT operations and project management

• At least 8 years of experience with networking, load-balancing, DNS, TLS/SSL digital certificates, SAML and Single Sign-on technologies, Kerberos, MFA technologies, and Identity management

• At least 4 years of experience working in cloud environment (Azure, AWS, Google Cloud Platform)

• At least 4 years of experience working in securing Internet-facing applications, utilizing MS Entra AD, MS Defender for Office, Skyhigh CASB and Cloud, SSE solutions

• At least 4 years of experience working with tools and techniques for collecting and processing Telemetry and Security Event Data.

• At least 4 years of experience architecting, deploying, and managing cloud security and/or EDR technology

• Experience using scripting languages (Python, Bash, Powershell, etc.)

• At least 4 years of experience with Windows, Linux, or MacOS administration

• Experience working with vulnerability management and scanning tools

• Experience working with application scanning tools

• Strong documentation skills and attention to detail

Desirable Skills:

• Experience deploying PAM solutions in a large, distributed environment or a service provider environment

• Experience in implementing and operating Data Loss Prevention Systems

• Experience of information security principles and practices, especially the implementation of practical technical controls to support organization policy

• Strong understanding of networking protocols, firewalls, and cybersecurity protection concepts, including software development lifecycle, and compensating controls

• Strong understanding of CIS controls

• Experience with Syslog-NG, LogScale (Humio) or similar SIEM/log aggregation systems

• Experience with SSO and IAM products and services such as Entra ID

• Experience with NetSkope, Zscaler, Palo Alto Networks Prisma Access or similar cloud proxies

• Familiarity with ZTNA/SSE products

• Familiarity with CASB/SASE products

• Experience with Cloud-based EDR/XDR tools

• Experience working with vulnerability management and scanning tools

• Experience working with application scanning tools

• Knowledge of endpoint security management, configuration policies, and procedures

• Experience with asset management and on-prem/cloud-based vulnerability management tools

• Highly flexible/willing to learn new technologies

• Highly organized with excellent analytical, problem solving and decision-making skills

• Excellent communication and collaboration skills

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.