Cloud Security Architect , Vulnerability Management – Utah or Tempe
The Company has experienced significant growth serving some of the most innovative companies in the world. Our clients are forward thinkers. True believers. Optimists. Inspired by them, we are changing the face of banking. Our clients have redefined products in many areas of the global economy, and every day we power their ability to do so. And we need leaders with the same can-do attitude as our clients. We're looking for creative thinkers who want to challenge the status quo and create a truly seamless digital banking experience on a global scale.
In this newly created role, you will drive The Company’s vulnerability management cloud program implementation. You will establish processes and governance for a successful cloud vulnerability remediation program, working with technology partners to determine an appropriate remediation approach for cloud assets. With your unique blend of cloud engineering experience and vulnerability management expertise you will be the subject matter expert in cloud vulnerability management. As part of our collaborative teams, you will produce actionable results by working with IT asset owners, management, and other subject matter experts to ensure our cloud environment is secure.
Qualifications:
· Deep understanding of vulnerability remediation. Core competency is giving remediation advice to end-users(IT Administrators) to resolve vulnerabilities.
· Proficient in AWS EC2,RDS, Lambda, EKS - understanding of mechanisms and methods used to deploy compute in AWS.
· Experience and working knowledge of network architecture, subnetting, and TCP/IP protocols, and OSI model layers and protocols at each model layer
· Understanding of international and United States laws and regulations impacting cyber security and personal data privacy, including GLBA, SOX, and the FFIEC Information Security requirements
· Working knowledge of security frameworks and control references such as NIST CSF, CIS 20, COBIT, PCI DSS, OWASP, ISO 27000 family and NIST SP 800 series.
· Familiar with various security architectures and methodologies (Defense in Depth, Segmentation, Least Privilege, Zero-Trust, Kill-Chain, etc.)
Skills:
· Excellent analytical and problem solving skills
· Ability to demonstrate empathy while seeking common interests; effective problem and conflict resolution skills
· Familiar with government security standards and regulations including GLBA, SOX, PCI, COBIT, ITIL
· Familiar with various security architectures and methodologies (Defense in Depth, Kill-Chain, NIST, Critical Controls, OWASP, etc.)
· Leadership qualities, desire to influence horizontally and vertically, and mentor team members.
· Excellent written and verbal communication skills
Education/Experience:
· Bachelor’s degree in management Information Systems, Computer Science, and/or Business, or equivalent work experience
· 1-2+ years working in IT security domain
· Experience with AWS cloud services and security tools
· Experience with SIEM technologies
· Experience with AWS in a security environment preferred
· Experience working with Windows and Linux operating systems
· Experience with rapid7 insightVM and vulnerability assessments
Certifications:
One or more of the following professional certifications: CISSP, CISM, SANS GIAC, CISA,CCNA, Security+, AWS Solutions Architect, AWS Security Specialist (or willingness to obtain within 6 months).
