Search Our Career Opportunities

Lead Cloud Security Engineer

Date: Jul 5, 2019

Location: Milwaukee, WI, 53202

At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference. 

What's the role?

The cloud security engineer helps architect, deploy and operate a secure cloud application infrastructure that aligns with business needs. The position is responsible for supporting operational innovation and providing security direction to the business to elevate the company’s security posture within a cloud computing infrastructure. An advanced role, the cloud security engineer helps deliver applications at scale and with resiliency to support business initiatives. The cloud security engineer is also expected to possess advanced administrative and troubleshooting skills, and be knowledgeable about architecture, engineering and design principles. The cloud security engineer should be adept at dealing with disparate applications and data systems to maintain the level of rigor required to adhere to business direction. Along with depth of system coverage, the role requires planning and design of policies and maintenance. 

 

In tandem with security leadership, cloud security engineers consistently assess the threat landscape and adapt quickly to protect the business from risk. They must be highly technical and possesses at least 5-7+ years’ experience in security and systems administration across a wide variety of cloud infrastructure, including software as a service (SaaS), infrastructure as a service (IaaS) and platform as a service (PaaS). They are also expected to have a strong work ethic, leverage analytical and critical thinking, and be skillful at meeting change requests at a moment’s notice. Because the role often interfaces with other business units, strong listening and communication skills are expected.

 

Essential Job Duties

  • Develop and maintain secure, resilient enterprise-grade cloud patterns and processes in tandem with architects and system engineers.
  • Focus on integration and automation of services to drive efficiency of testing and remediation of findings.
  • Align with architects and development teams for a mission of secure design.
  •  
  • Provide guidance on securing existing business applications and computing environments across multiple cloud environments.
  • Protect business applications in compliance with privacy, security, business resiliency and compliance frameworks as defined in corporate policies.
  • Hep the organization maintain a consistent, secure environment through automation and code-based configuration management. Conduct rigorous oversight of security systems and security configuration administration to reduce risk to enterprise systems and accounts.
  • Employ strong identity and access management (IDAM) controls across applications and computing environments.
  • Assist with development, maintenance and utilization of scripts in technologies such as Lambda to support custom security controls in the computing environment.
  • Continually refine and adapt security review processes to ensure all tools, technology and processes are operating at optimum capacity and efficiency.
  • Attend regular technical project and implementation meetings and serve as the security consultant to help guide secure application and infrastructure configurations.
  • Actively monitor, assess and recommend tactical and strategic initiatives based on new and emerging threats posing risk to cloud computing environments.
  • Manage remediation efforts after security assessment findings outline weaknesses requiring attention.
  • Document, formulate and enforce areas of security improvement that balance risk with business operations and do not diminish efficiencies or innovation.
  • Assist in maintaining strong oversight with cloud computing vendors and solution providers to safeguard against undue risk presented by external entities. Escalate to security management and business unit leads when points of weakness are discovered.
  • Stay apprised of current and proposed security changes impacting regulatory, privacy and security industry best practice guidance. Apply learned knowledge across key lines of business, including products, practices and procedures.
  • Accountable for preparing and delivering quality security deliverables that comprehensively and clearly explain risk, demonstrate findings, and offer tactical and strategic recommendations to both technical and non-technical clients.
  • Act as a key figure in incident response to track occurrence and resolution, with strict documentation and reporting as well as engagement with security operations and incident response teams.

 

Requirements

  • Strong understanding of applicable frameworks from NIST, CIS and CSA.
  • At least 5-7+ years’ experience in cybersecurity as a practitioner and with at least 2-3+ years exposure with Amazon Web Services (AWS), Microsoft Azure or VMware.
  • Strong Linux and Windows support skills.
  • Experienced in cloud networking architecture and cloud operations, with cloud access security broker (CASB) experience preferred.
  • Familiarity with 3rd party cloud security security solutions such as well as tools such as Docker, Kubernetes and AWS CloudTrail.
  • Experience and understanding of various regulatory requirements and laws.
  • Up-to-date understanding of a wide-range of incident response, system configuration, vulnerability management and hardening guidelines.
  • Proficiency in software development or scripting (Java, Python, JavaScript, PowerShell, Bash, etc.).
  • Solid understanding of network and web protocols.
  • Experience with intra-company and third-party APIs and associated protocols, such as JSON, REST or SOAP.
  • Experience in development of applications through automated deployment and orchestration services, such as GitLab, Jenkins, Ansible or Kubernetes.
  • Experience with container security.
  • Experience with applications hosted in Amazon Web Services (AWS) and/or Microsoft Azure, preferably within a Agile / DevOps / SRE operating models.
  • Experience with cryptography controls and underlying concepts to secure data.
  • Deep knowledge of defense-in-depth design and operational concerns.
  • Strong ability to independently identify and resolve critical and complex issues through effective problem-solving skills.
  • Strong ability to maintain and strengthen relationships; ability to effectively influence and negotiate with internal and external partners.
  • Track record of acting with integrity, taking pride in work, seeking to excel, being curious, adaptable and communicating effectively.
  • Proven organizational savvy with demonstrated tact and diplomacy.
  • Experience in threat modeling applications.

 

Experience Requirements

  • Bachelor’s degree with an emphasis in Computer Science, Computer Engineering, Software Engineering, MIS or related field. 
  • At least 5+ years’ experience in cybersecurity, including compliance and risk management with a
  • system and network security engineering background.
  • Highly technical and analytical experience, with a proven deep background (preferred 5+ years’ in
  • addition to cybersecurity) in application programming, scripting or integration.
  • Min of 5-7 years of equivalent experience with web/mobile application and/or network penetration testing.
  • Relevant certifications from SANS, ISC(2) and associated technology partners.

 

Grow your career with a best-in-class company that puts our client’s interests at the center of all we do. Get started now! 

We are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.

 

Req ID: 25362
Position Type: Regular Full Time
Education Experience: Bachelor's Required
Employment Experience: 6-8 years
Licenses/Certifications:
FLSA Status: Exempt
Posting Date: 06/06/2019