Overview

The Cloud Security Engineer role helps design, develop, and implement security solutions for AM Best in the cloud. This position assists in the maturity of the cloud security practice including performing security reviews of cloud services, implementing cloud-native and third-party security controls, and scaling automation across multiple cloud platforms (IaaS/PaaS/SaaS). In addition, the role will partner with the IT Infrastructure and Applications teams to assess and implement the cloud adoption framework across all AM Best services.

Responsibilities

• Support the overall vision and strategy of the Information Security department.
• Research, evaluate, design, test, recommend and operationalize security solutions in the hybrid-cloud security architecture and analyze its impact on the existing environment.
• Provide technical expertise for the implementation, configuration, and monitoring of cloud-native and third-party security controls such as Cloud Security Posture Management (CSPM) and unified Cloud Workload Protection Platform (CWPP).
• Collaborate with team members to implement and maintain Data and Endpoint Protection solutions, including Cloud Access Security Broker (CASB) and Data Loss Prevention (DLP).
• Design and implement security solutions for containers (Docker/Kubernetes) as part of the DevOps process.
• Support the adoption, administration, and maintenance of IAM solutions, including PAM, SSO, and MFA.
• Monitor and report on emerging risk and compliance with organizational security policies.
• Provide technical guidance, training and documentation covering the usage and impact of hybrid-cloud security technology.
• Prepare technical reports for senior management.
• Participate in IT problem and change management forums.
• Stay current on cloud and cybersecurity technology trends.

Qualifications

• Minimum of 3 years’ experience in cloud security, cybersecurity and/or other IT-related fields (Networking, System Administration).
• Bachelor’s degree in a technology field preferred.
• Cloud and Cybersecurity certifications in one or more areas is strongly preferred: CISSP, SANS GIAC, BTL1, Security , Azure-Based certifications, or similar.
• Experience with Azure and Microsoft O365.
• Scripting (PowerShell and/or Python) and Automation (Azure CLI, ARM Templates) a plus.
• Knowledge of security frameworks including NIST Cybersecurity Framework, NIST 800-53, ISO 27001/27002, MITRE ATT&CK, OWASP Top 10, CWE/SANS Top 25, and CIS CSC.
• Experience developing and maintaining policies, procedures, standards, and guidelines.
• Experience working in a regulated environment preferred.

Skills

• Comprehensive understanding of cloud and cybersecurity methodologies and best practices. • Knowledgeable in cloud architecture concepts related to VNETs, DNS, SSO, MFA, VMs, WAF and DDoS mitigation. • Comfortable working with a variety of technologies supporting large scale deployments, troubleshooting solution issues, and proficient in monitoring and investigating security events. • Strong experience in securing Windows / Azure environments. • Knowledge of Incident Management and Response Planning requirements and procedures. • Familiarity with third-party audits and cloud risk assessment methodologies. • Strong business process knowledge and application of technology solutions. • Strong self-motivation and team oriented. Ability to work well under minimal supervision and manage expectations appropriately. • Strong customer/client focus, with effective oral, written, and interpersonal communication skills.