Position Details: Senior Cloud Security Engineer- 947081T
Corporate Information Security: Enterprise Solutions & Delivery, Senior Cloud Security Engineer
Client does more than outfit the world’s best athletes. We are a place to explore potential, obliterate boundaries, and push out the edges of what can be. We’re looking for people who can grow, think, dream and create. We thrive in a culture that embraces diversity and rewards imagination. We seek achievers, leaders and visionaries. At Client, it’s about bringing what you have to a challenging and constantly evolving game.
Client Global Technology brings together technology and process expertise to create value for the consumer. We deliver one-stop, integrated process and technology capabilities that enable client's businesses and brands worldwide. Our focus is on providing Lean solutions that eliminate waste, maximize consumer value, and drive profitable business growth.
As our Senior Cloud Security Engineer, you will use your extensive knowledge of cloud security principles and technologies, industry best practice, professional experience, collaboration and good judgment to inform and deliver on an information security strategy and roadmap. You will influence the direction of information technology at Client as it relates to adoption of Cloud services and infrastructure, reviewing and influencing decisions on migrating from on-premise data centers to cloud platforms such as Azure, AWS, Google Cloud Platforms, etc.
- Takes strategic direction and defines frameworks, roadmaps, and informs reference architectures that incorporate enterprise standards and direction to improve the global corporate security posture while addressing risks;
- Provide detailed input into the creation of the annual Cloud Security budget;
- Work with Business IT teams to continually improve the security posture of their application portfolios;
- Inform and aid in the development of a multi-year IT Security Strategy that outlines key initiatives in support of the client Information Security Strategy;
- Create a sustainable security framework to allow secure technology standardization;
- Provides thought leadership within highly visible projects and initiatives to ensure appropriate security controls are in place to protect Client data;
- Develop business cases for the adoption of new technology, standards and processes;
- Review projects for security concerns and provide security guidance to business partners, engineering, governance, and support teams;
- Support management in understanding architectural information risk within/against client;
- Analyze market and security trends and adjust the strategic roadmap accordingly;
- Stay current on security technologies, trends, standards and best practices; and
- Other duties and responsibilities as assigned.
- Advanced knowledge of information security standards, principles and practices
- Advanced knowledge of securing various network types including managed data centers and cloud-based networks
- Demonstrated relevant security expertise in implementing secure solutions and services for a mix of the following areas:
- Network Devices, Server Operating Systems (Windows / Linux), Workstation Operating Systems (Windows / MacOS), Cellular/Mobile Device technology, Storage Devices, Virtualization, IDS&IPS Technologies, SIEM Technologies Secure, Encryption, PKI, Identity Management, Certificate Management, File Integrity Monitoring
- Knowledge in the following areas are highly desirable:
- Secure Web Gateways, Data Loss Prevention, Application Security, Database Security (Oracle/MySQL), Compliance - SOX, PCI, ISO 27001, Cloud, Colocation, Cloud Technologies, Forensics, Cyber Intelligence National and International Privacy laws and regulations
- Proficient at the techniques that go into the implementation of solution architectures, including requirements discovery and analysis, application of abstraction, formulation of solution context, solution alternatives identification and assessment, technology selection, and implementation
- Experience with Python programming language
- Experience with building CD pipelines with toolsets like Jenkins, CircleCI, Artifactory, etc.
- Experience with delivering and managing solutions on AWS, Azure and/or GCP
- Experience with containers, container runtimes (i.e. Kubernetes), and/or serverless technologies
- Experience in developing cloud native applications, APIs, and data pipelines
- Ability to successfully elicit requirements from appropriate business partners and stakeholders (e.g. functional, performance, technical, compliance)
- Self-directed and comfortable with working in a fast-paced, results-oriented, and often ambiguous environment
- Takes pride work, showing focus, high attention to detail, and build quality
- Critical thinking and proactive problem solving
- Excellent verbal and written communication skills to effectively communicate with both business and technical teams
- Desire to learn and continually improve self and others through knowledge sharing
- The ability to assess risk and translate it to business relevant considerations and facts
- The ability to learn and apply new concepts quickly
- Proven analytical and problem solving ability
- Excellent organization, and interpersonal skills with the ability to appropriately communicate and translate complex security risks to dollars
- Ability to balance and prioritize work
- Must be trustworthy in keeping sensitive data confidential
- Bachelor's degree in computer science or related filed, or 5+ years work experience
- CCSP, CISSP, CCNA, CISM, OSCP or related certifications strongly preferred but equivalent knowledge will be considered.