Sr. Security Engineer
Apex Systems is seeking a Sr. Security Engineer for a large Energy Company out of South Florida. This position is 100% REMOTE and a Direct Hire (Permanent) position. We are not able to work C2C or 1099 for this role, just candidates that are able to work on a W2 basis. If you are interested in this role, please send me your updated resume to John Baer at firstname.lastname@example.org.
This is a Security Engineer role within the Security Engineering team with no supervisor responsibility. This position has formal responsibility for the work products (timing, budget, quality, completeness) of their projects. The position provides guidance and technical/business expertise and adds measurable value through planning, coordination and/or communication. This position’s primary focus is providing Cloud Security Engineering for extensive cloud environment and as needed provide support to external clients. These work responsibilities include:
Independently contribute ideas and process improvements and look for creative solutions and better ways of doing things to continuously improve information security at this client.
Make appropriate, timely and effective decisions that support the company and its business
Act as security subject-matter-expert for Cloud Security by providing best practice guidance on how systems should be deployed or architected
Ensure security is integrated into all cloud architecture solutions.
Perform expert-level systems AWS development and design work that may include logical system design; I/O design; cloud architecture analysis and design; and systems engineering
Provide hands-on technical design and implementation ensuring technologies are successfully incorporated into our environments
Design and develop cloud-specific security policies, standards, and procedures
Develop security technical roadmaps for future AWS cloud implementations
As necessary perform or lead threat modeling exercises for cloud development
Periodically perform risk and vulnerability assessments of cloud infrastructure to assess the information security risks to the Company. Recommend mitigating controls or procedures to eliminate or minimize identified risks
Represent information security considerations in approved System Development Life Cycle, Change Management, Production Support, and technology-enabled projects
Design and define AWS architecture for new secure cloud computing systems or existing
systems migrating to cloud architectures
Continuously identify, evaluate, rate, and report internal and external threats to the company’s information security posture. Evaluate, recommend, and implement reasonable security systems and/or procedures to mitigate identified threats
Understand security trends and best practices within the industry and align them within company business directives
Document all technical issues, analysis, client communication, and resolution.
Prepare and publish Information Security reports as directed by management.
The incumbent has in-depth knowledge and expert status in one or several key areas of expertise that is central to the company’s success. The position knows how their discipline interrelates with other parts of the company.
The following technical experience is strongly desired
A practitioner of AWS Well-Architected Framework with emphasis on the 'Security' pillar and AWS Security Reference Architecture (AWS SRA), knowledgeable and experienced with common Cloud reference architectures, security standards, best practices, control frameworks and an eye towards simplification
Experience with Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM)
Partner with engineering teams across the company to prioritize security issues identified during Security Due Diligence and Application Security Reviews.
Provide expert advice and consultancy to customers on risk assessment, incident triage, threat modeling, and security vulnerability mitigation
Dive deep with threat modeling and data flows to find underlying security issues
Provide assistance with metrics delivery and improvements
Strong documentation skills
Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at email@example.com or 844-463-6178.