Overview

The Cloud Security Engineer provides cyber security expertise in the analysis, assessment, development, and evaluation of security solutions and architectures to secure applications, operating systems, databases, and networks. This role will be focused on maintaining the security of the applications and network which includes creation and timely execution of project plans, tool installations, assisting with upgrades of technology environments and integrating risk-based threat intelligence into the operational environment. Additionally, the Cloud Security Engineer assists in the development of cyber security requirements, conducts security risk assessments, evaluates security services and technologies, and reviews and documents information security policies and procedures as well as provides monitoring and oversight for alerts in this environment.

The Role

Maintain and Secure Cloud Infrastructure: Oversee the operation and security of the cloud infrastructure on platforms like AWS and Azure. Ensure efficient performance and compliance with all security protocols. Monitor and update systems as needed.

Develop and Document Security Requirements: Collaborate with both technical and non-technical teams to define security standards for applications. Validate vulnerabilities and conduct manual reviews. Document all security requirements clearly.

Conduct Security Assessments and Testing: Regularly evaluate the security configurations of IT cloud systems. Identify vulnerabilities and verify the effectiveness of security measures. Implement corrective actions based on test results.

Drive IT Security Remediation: Identify and address security weaknesses within the IT cloud infrastructure. Prioritize remediation actions based on risk assessments. Implement solutions to enhance security posture.

Collaborate on Technology Solutions: Work closely with the Infrastructure and Digital teams to provide security insights and assist in developing security solutions that meet business requirements. Foster a collaborative environment for secure and efficient solution development.

Advance Security Integration in Cloud and CI/CD Environments: Focus on enhancing security integration within cloud and CI/CD environments. Develop and implement advanced security measures that align with Infrastructure-as-Code, Security-as-Code, and Governance-as-Code methodologies. Ensure continuous security throughout the development and deployment processes, maintaining a robust defense against evolving cyber threats.

Develop and Manage Security Metrics and KPIs: Establish and maintain key performance indicators (KPIs) and metrics to track and report on the security of the cloud environment. Focus on creating transparent, insightful metrics that highlight priority issues and track progress effectively. Ensure that these metrics are communicated clearly to management, providing a comprehensive view of the security landscape and facilitating informed decision-making.

You Have...

Education: Bachelor’s degree from an accredited university required; Computer Science program strongly preferred

Certification or Licensures: Certified Information System Auditor (CISA), Certified Information System Security Professional (CISSP)

Experience:

• 5 years’ experience as an engineer, implementing and monitoring security measures for the protection of computer systems, networks and information
• 5 years’ experience identifying and defining system security requirements

Knowledge, Skills and Abilities:

• In-depth knowledge of cloud platforms (AWS, Azure, etc.) and their security features.
• Understanding of cybersecurity threats, risk assessment methods, and remediation strategies.
• Knowledge of Infrastructure-as-Code, Security-as-Code, and Governance-as-Code methodologies.
• Awareness of current trends and developments in cloud security and IT infrastructure.
• Strong technical skills in maintaining and securing cloud infrastructure.
• Proficient in conducting security assessments, vulnerability testing, and implementing corrective actions
• Ability to develop clear and comprehensive security documentation and requirements.
• Skilled in collaborating with cross-functional teams to develop and implement technology solutions.
• Competence in developing and managing security metrics and KPIs
• Effective communication skills to articulate security risks and progress to both technical and non-technical stakeholders.
• Ability to integrate advanced security measures within cloud and CI/CD environments.
• Proficiency in tracking, reporting, and communicating security metrics and KPIs effectively to management.
• Detailed knowledge of the principles of ZeroTrust and how to implement them

How AvalonBay Supports You

We know that our teams are the beating heart of our success and we’re committed to showing our appreciation.

We offer:

• Comprehensive benefits — health, dental and vision, 401(k) with company match, paid vacation and holidays, tuition reimbursement, an employee stock purchase plan and more. Click on Benefits for information.
• Growth based on achievement and promotion from within.
• Associate recognition .
• A 20% discount on our incredible apartment homes.
• A culture built on purpose and our core values - A Commitment to Integrity, A Spirit of Caring, and A Focus on Continuous Improvement.

Additional Info

AvalonBay is proud to be an equal opportunity employer and is committed to an inclusive and diverse work environment free of discrimination and harassment. We believe that in order to achieve our purpose of creating a better way to live, we must recruit, develop and retain associates with a wide range of backgrounds, experiences and perspectives and create an environment that encourages all voices to be heard, understood and appreciated. With this we know we can do great things.

AvalonBay makes employment decisions without regard to a person’s race, ethnicity, color, religion, sex, national origin, sexual orientation, gender identity, pregnancy (including childbirth, lactation or related medical conditions), age, physical or mental disability, genetic information (including characteristics or testing), citizenship status, military or veteran status, or any other status protected by the law.

AvalonBay will consider for employment qualified applicants with criminal histories in a manner consistent with requirements under the law.

For California residents, if you elect to apply to AvalonBay you accept the AvalonBay California Personnel Privacy Notice

#Hybrid

Job ID 31452