Posted in

Senior Cloud Security Engineer

Senior Cloud Security Engineer

CompanyAcadian Asset Management
LocationBoston, MA, USA
Salary$Not Provided – $Not Provided
TypeFull-Time
DegreesBachelor’s
Experience LevelSenior, Expert or higher

Requirements

  • Bachelor’s degree in computer science or a related field is required.
  • 10+ years of IT experience, ideally with some project management.
  • Familiarity with AWS, infrastructure-as-code, firewalls, vulnerability assessment tools, DLP, TCP/IP, web content filtering, VPN, endpoint protection, password management/Vaults, log management and correlation, and device/application hardening.
  • Understanding of API programming.
  • Knowledge of scripting languages like Python.
  • Knowledge of infrastructure automation technologies such as Cloudformation and Terraform.
  • Strong interpersonal and communication skills.
  • Demonstrated analytical and problem-solving skills.
  • Ability to work with technical resources, communicate business requirements, set priorities, and manage expectations.
  • Ability to multi-task and work on multiple projects.
  • Experience with project management life cycle and application architecture.
  • Experience in cryptographic technologies and their applications in secure e-mail, content security (for file and database protection), SSL/TLS, code signing, digital signature and digital rights management.
  • Proficiency with MS-Windows, Linux, Networking, VMWare, AWS, Azure and M365 suite.
  • Strong interpersonal skills to interface with management and staff at all levels within the organization as well as with business partners and vendors.
  • Ability to work in a fast-paced and deadline-oriented environment. Self-motivated with critical attention to detail, deadlines and reporting.

Responsibilities

  • Assess Acadian’s cloud IAAS environments for Indicators of Misconfiguration (IOMs) utilizing AWS built-in and third-party assessment tools.
  • Utilizing Policy-as-Code toolkits such as Checkov, develop controls and warnings that inform software delivery teams and integrate security controls into DevOps pipelines.
  • Develop and maintain tools to detect and remove secrets from code check-ins.
  • Establish development best practices for working with code libraries such as docker, pypi and others, ensuring that libraries are only obtained from trusted sources, e.g. Jfrog Artifactory.
  • Assist the Information Assurance team with data leak prevention techniques aimed at preventing the exfiltration of code from the Acadian network.
  • Work with the Identity and Config team to ensure least privilege in Acadian’s federated identity systems, utilizing tools such as Saviynt, Okta and Microsoft Entra ID.
  • Build Security infrastructure in AWS using Terraform and Cloudformation, leveraging best practices such as multi-region and multi-Availability zone architecture with autoscaling.
  • Assist with code governing configuration of an AWS-based global network, including third-party security tools such as Zscaler and Palo Alto Networks.
  • Help the Information Assurance team support IT service delivery to Acadian business units 24×7 as part of an on-call rotation, including interaction with MSSP incident responders.
  • Work with other IT delivery teams, including the Infrastructure Engineering team, to coordinate cross-team initiatives to achieve firm-wide goals and objectives to drive security projects.
  • Document incident findings to help build our knowledgebase; Maintain a strong security posture over enterprise-wide platforms and systems; administer multi-layered technologies to monitor and protect data and equipment from attacks.

Preferred Qualifications

  • CISSP, CISA, SANS GIAC, or relevant security certification(s) desired.
  • Additional certifications such as CCNA/CCNP, AWS Security etc. desired.