Lead Cloud Security Engineer

Job Description

As a Lead Cloud Security Engineer, you will play a key role in designing, deploying, and maintaining a secure cloud application infrastructure that meets the business needs. Your responsibilities will include providing security guidance to the company, supporting innovation, and ensuring that the cloud computing infrastructure is secure. You will also be expected to have advanced skills in troubleshooting and administration, as well as knowledge of architecture, engineering, and design principles.
You will work closely with security leadership to assess the threat landscape and adapt quickly to protect the business from risk. With at least 5-7 years of experience in security and systems administration across various cloud infrastructure, including SaaS, IaaS, and PaaS, you will possess the necessary technical expertise to deliver applications at scale and with resiliency to support business initiatives. Along with strong analytical and critical thinking skills, you will need to be highly adaptable and able to meet change requests at a moment's notice. As the role involves interfacing with other business units, excellent communication and listening skills are essential. Overall, your goal is to maintain the level of rigor required to adhere to business direction while planning and designing policies and maintenance.

ESSENTIAL FUNCTIONS:   Reasonable accommodations may be made to enable individuals with disabilities to perform the essential duties.

Security Compliance:

• Implement and manage Security Compliance processes and strategies in alignment with Microsoft's and Azure's best practices.
• Review and analyze existing system controls for regulatory compliance and security policy adherence.
• Collaborate with teams to ensure compliance with ISO 27001, GDPR, SOC 2 and other relevant security compliance frameworks.
• Support audit processes through documentation and remediation of non-compliant findings.

Protective and Detective Controls:

• Deploy protective and detective measures by designing and implementing security controls.
• Work closely with the IT team to deploy and monitor Microsoft and Azure security solutions.
• Regularly monitor system logs, SIEM tools and network traffic for unusual or suspicious activity and interpret such activity and make recommendations for resolution.

Data Loss Prevention (DLP):

• Implement, manage, and fine-tune DLP policies, procedures, and tools to ensure data security.
• Regularly monitor and review DLP alerts and reports for policy violations and suspicious activities.
• Collaborate with the data governance team to maintain data classifications and categorization and apply DLP policies accordingly.

Cloud Security:

• Perform security design reviews to assess security implications for the introduction of new or differing technologies within the Azure environment.
• Regularly monitor Azure cloud environment for security breaches and investigate violations when they occur.
• Develop secure cloud architectures and solutions to assist businesses in migrating to the Azure cloud.
• Develop and implement policies, procedures, and associated training plans for cloud security administration and usage.

Supervisory Responsibilities: This position has no formal supervisory responsibilities.

MINIMUM REQUIRED QUALIFICATIONS:   

• Bachelor's degree in computer science, information assurance, MIS or related field AND
• Eight (8) years’ experience in cybersecurity as a practitioner and with at least 2-3+ years exposure with Microsoft, AWS, OCI.
• Equivalent combination of education and experience

Certificates and Licenses: One or more including CISSP, Microsoft Azure Security Engineer Associate- Specialty, and CompTIA Security+

OTHER REQUIRED QUALIFICATIONS: 

• Strong Linux and Windows support skills
• Experienced in cloud networking architecture and cloud operations
• Familiarity with tools such as Git, Jenkins, CloudFormation
• Network and encryption experience, including virtual private networks (VPNs), IPsec, SSL/TLS, LDAP and public key infrastructure (PKI)
• Experience with scripting languages such as Python, Ruby, PowerShell and JavaScript
• Familiarity with key security concepts/frameworks such as OWASP, CVE, and CVSS
• Experience integrating with native Microsoft services.
• Experience and understanding of various regulatory requirements and laws, including but not limited to: Payment Card Industry (PCI), Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR) and Gramm-Leach-Bliley Act (GLBA). Additionally, experience in one or more of the following: ISO 27001/2, ITIL or NIST
• Up-to-date understanding of a wide range of incident response, system configuration, vulnerability management and hardening guidelines.
• Team leadership experience to help with the organizational and team dynamics in a growing field.
• Ability to travel 10% of the time.
• Ability to clear required background check  

WORK ENVIRONMENT:  The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• This is an office-based position.  The noise level in the office is usually moderate (computers, printers, light foot traffic).  

Compensation & Benefits: Stride, Inc. considers a person’s education, experience, and qualifications, as well as the position’s work location, expected quality and quantity of work, required travel (if any), external market and internal value when determining a new employee’s salary level.  Salaries will differ based on these factors, the position’s level and expected contribution, and the employee’s benefits elections.  Offers will typically be in the bottom half of the range.

• We anticipate the salary range to be $81,045.75- $201,088.80. The upper end of this range is not likely to be offered, as an individual’s compensation can vary based on several factors. These factors include, but are not limited to, geographic location, experience, training, education, and local market conditions. Eligible employees may receive a bonus. Stride offers a robust benefits package for eligible employees that can include health benefits, retirement contributions, and paid time off.

The above job is not intended to be an all-inclusive list of duties and standards of the position. Incumbents will follow any other instructions, and perform any other related duties, as assigned by their supervisor.  All employment is “at-will” as governed by the law of the state where the employee works.  It is further understood that the “at-will” nature of employment is one aspect of employment that cannot be changed except in writing and signed by an authorized officer. 

Job Type

Regular

The above job is not intended to be an all-inclusive list of duties and standards of the position. Incumbents will follow any other instructions, and perform any other related duties, as assigned by their supervisor. All employment is “at-will” as governed by the law of the state where the employee works.  It is further understood that the “at-will” nature of employment is one aspect of employment that cannot be changed except in writing and signed by an authorized officer.

Stride, Inc. is a Federal Contractor, an Equal Opportunity/Affirmative Action Employer and a Drug-Free Workplace. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected Veteran status age, or genetics, or any other characteristic protected by law.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)