Cloud Security Engineer

Division Information

Spectrum Brands is a home essentials company trusted by millions of consumers all over the world. Our brands improve the way people live life at home - from making their meals, looking their best and caring for their pets to and cleaning their homes and freeing their space from unwanted weeds and pests. Building on our long legacy of products from trusted brands such as FURminator®, DreamBone®, Russell Hobbs®, Tetra®, GloFish®, Remington®, Cutter®, and Spectracide®, we deliver high-quality, reliable products. We strive to use consumer insights to fuel innovation. Our long-trusted brands provide the newest solutions to improve the way people live life at home, ultimately exciting consumers. Because we are structured for growth and efficiency, we can serve more consumers, customers and stakeholders around the world every year. We are led by our values of trust, accountability and collaboration to serve others through this common mission: We make living better at home.

Spectrum Brands’ global enabling functions, including Finance, Legal, IT, Human Resources, Supply Chain, and Commercial Operations, provide enterprise-wide strategy, structure, and common processes to deliver the knowledge and expertise that helps our businesses grow. Enabling functions may operate as a center-led global team, providing a central strategy, structure, and standards; or as business partner teams, with resources embedded within the businesses to deliver business unit-specific results. **

Job Summary**

The Cloud Security Engineer is responsible for supporting the security program, which includes providing security expertise in the analysis, assessment, development, and evaluation of security solutions to secure cloud applications, operating systems, databased and networks for IaaS, PaaS, and SaaS cloud deployments. The Cloud Security Engineer will be integral in the evolution of the visibility, compliance, data security and threat protections within cloud platforms.

The Cloud Security Engineer will support the cloud access security broker environment, establish and drive the decision-making and implementation for the network, platform, and application security architectures design solutions and report efforts to Senior Management.

The role assesses risks, threats, and vulnerabilities in accordance with accepted business and regulations to ensure security design integrity, availability, and confidentiality compliance within cloud architectures. This position supports Spectrum Brands’ global divisions. **

Primary Duties & Responsibilities**

• Provide leadership in the designing, implementing and delivering security for cloud native, distributed computing and architectural solutions to provide optimal security and performance.
• Design and deploy state-of-art technology to meet the business needs and interface with business units regarding risk mitigation planning.
• Develop security migrations plans, research solutions to security technical issues, and provide security technical leadership and guidance during the engineering design and build phase.
• Perform system testing and recommend remediation efforts for system vulnerabilities.
• Communicate key differences between cloud provider solutions and cloud orchestration tools to Senior Leadership.
• Knowledge of virtualization, containers, service-mesh and enterprise service business.
• Utilize best practices and industry risk tolerances frameworks.
• Monitor security controls, audit cloud environments and detect for possible security incidents.
• Monitor for potential threats, identification of trends, and assessment of system vulnerabilities.
• Investigate current cyber security threats and provide IT leadership with timely communication updates.
• Establish and drive the decision-making for cloud infrastructure and application security architecture design and implement solutions to difficult engineering and security problems.
• Drive the use of security tools to analyze, assess, and prioritize resolution based on the potential impact.
• Develop enterprise security solutions to meet business goals and support IT counterparts around the globe.
• Work with teammates and the larger security community to maintain and improve security tools that align and facilitate modern security best practices.
• Identify the right combination of people, process and technology to improve vulnerability detection capabilities.
• Provide extensive subject matter expertise in cloud access security broker technology; securing AWS, Azure, cloud hosted systems, data loss prevention, insider threat management, privilege access management.
• Provide guidance in a layered security defense in depth strategy to protect the confidentiality, integrity and availability of sensitive data and mission critical assets, forensics, creating reports with metrics; and knowledge of data protection and privacy law
• Identify and drive remediation risk within public and hybrid cloud solutions
• Enforce all company policies and procedures.
• Plan, research, design, and implement elements of information security hardware and software technologies.
• Research, recommend and develop hybrid, private and public cloud security and risk mitigation solutions.
• Prepare documentation, including department policies and procedures, business notifications, and security alerts.
• Complete other duties as assigned.

Education and Experience Profile

• Minimum Associate degree in Computer Science or equivalent, Bachelor’s degree is preferred.
• A minimum of 1 years of relevant experience with a combination of functional technical experience with aspects of major enterprise business systems, related technologies and experience engineering secure solutions within IaaS/PaaS/SaaS cloud platforms.
• Must have experience with or in:
  • Cloud security strategy, cloud provider ecosystems (Azure, AWS, Google) and migrating Enterprise from traditional data center Infrastructure, Application and Data designs to hybrid or fully-cloud enabled practices.
  • The development, deployment, and automation of security solutions in an enterprise cloud-based environment.
  • Cloud infrastructure compute, network and storage as well as the cloud control plane
  • Supporting enterprise vulnerability management across IaaS, PaaS, and/or SaaS and mitigation techniques.
  • Azure Defender Office/Endpoint/Identity, Azure Security Center, Azure Security and Identity (MFA, SSO, AAD), and Azure Sentinel.
  • CI/CD development pipelines and integrating security into the development processes.
  • Public/private repositories, product/project management tool suites.
  • Common scripting languages.

Required Skills

• Solid knowledge of cloud networking architecture, cloud operations, security, automation, and orchestration
• An understanding of identity federation, authentication, and authorization (SAML, OIDC, OAuth).
• Solid understanding of information, host and network security, common intrusion techniques, and risk management concepts in a cloud environment.
• Must maintain high level of confidentiality and professionalism.
• Excellent interpersonal skills to enable building working relationships.
• Ability to work in a team environment and work collaboratively.
• Strong interpersonal communication skills with an emphasis in being able to manage different personality styles and cultural differentiation are required.
• Excellent verbal and written communications skills with the ability to effectively interact with business stakeholders.
• Strong attention to detail, problem-solving, and analytical skills.
• Proven ability to manage multiple projects with varying degree of responsibility; must have effective time management and delegation skills.
• Must be a self-starter capable of multitasking and efficiently managing your time in a dynamic environment while requiring minimal levels of supervision.

Work Environment

• Remote opportunity
• Up to 5% travel required (domestic only).

The above information on this description has been designed to indicate the general nature and level of work performed by employees within this job/classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.