2 Senior Security Engineer - Cloud & Application Security Jobs in Naperville, IL

SORT BY

SET JOB ALERT

OFF

Details...

Manager, Endpoint Security Engineer

Capital One

Naperville, IL | Full Time

$131k-164k (estimate)

1 Week Ago

Senior Security Engineer - Cloud & Application Security

Oncourse Home Solutions

Naperville, IL | Full Time

$94k-115k (estimate)

3 Months Ago

Senior Security Engineer - Cloud & Application Security

$94k-115k (estimate)

Full Time 3 Months Ago

Save

Oncourse Home Solutions is Hiring a Senior Security Engineer - Cloud & Application Security Near Naperville, IL

Who We Are

Oncourse Home Solutions (OHS) is a people-centric organization that is owned by private equity firm, Apax Partners operating under the brands American Water Resources, Pivotal Home Solutions and American Home Solutions. We do what is right for our people so they can do their best when serving our 1.4 million customers across the U.S. Our mission is to help homeowners navigate the unexpected, reduce costs, and make homeownership enjoyable for all. Our vision is to make our products and services accessible to all by becoming the most forward-thinking and community-driven home solutions organization of the 21st century. We are committed to fostering an environment that embraces diversity in all forms, where our employees, customers and partners feel valued, respected, and supported.

We partner with cities, utilities, insurance providers, retailers, financial service companies and member associations to help them maintain and protect their customers’ most important asset—their home. Our passion for empowering customers to confidently run their households is what drives us. When our customers need help with home maintenance, repair, or coverage, OHS is there. This is what it means to be an ‘Oncourse Super’—Successful, United, Progressive, Empathetic, Reliable. Supers get it done. We sweat homeownership so our customers don’t have to. We view every day as an opportunity to step up, step out, and remind others that they’re in this together, to stay on course.

We are proud equal opportunity employer, and our employment decisions are based on business needs, job requirements and individual qualifications without regard to race, color, religion, age, sex (including pregnancy), sexual orientation, gender identity, national origin, ancestry, marital status, parental status, mental or physical disability, military or veteran status, or any other basis protected by federal, state, or local law. OHS is committed to recruiting and retaining talented applicants and to providing all employees with a workplace free from discrimination and/or harassment.

Located at our office in Naperville, IL or Mt. Laurel, NJ, our office environment is a key driver of our company culture and employee experience. A regular in-office HYBRID model is required (generally in office Tues/Wed/Thurs. and remote M & F).

Position Summary

The Senior Security Engineer plays a crucial role in safeguarding our cloud infrastructure, optimizing Infrastructure as Code (IaC) security practices, securing containerized environments, and ensuring robust application security. This position requires a blend of technical expertise and collaborative skills to embed security into every aspect of the technology lifecycle and promote a culture of security-first thinking.

Responsibilities

Cross-functional Collaboration and Advocacy: Collaborate with IT, development, and operations teams to embed security into every aspect of the technology lifecycle. Advocate for security best practices, raising awareness and driving a security-first culture across the organization. Develop and implement automated security solutions to streamline security processes, improve efficiency, and enhance response capabilities.

Multi-Cloud and Infrastructure Security: Design, implement, and manage security measures for our cloud environments across various platforms (AWS, Azure, GCP). Develop and enforce security best practices for Infrastructure as Code (IaC) to ensure secure deployment and configuration management.

Container Security: Secure containerized environments, including Docker and Kubernetes, and ensure compliance with security benchmarks. Collaborate with DevOps teams to integrate security into the CI/CD pipeline for container deployment and management.

Application Security: Lead application security initiatives, including secure code reviews, vulnerability assessments, and penetration testing. Develop and maintain application security standards and guidelines, ensuring they are integrated into the software development lifecycle.

Continuous Learning and Improvement: Stay abreast of the latest security threats, trends, and technologies, especially in cloud, IaC, and container environments. Proactively identify and investigate security threats by analyzing security logs, conducting threat hunting exercises, and implementing advanced detection mechanisms. Continuously evaluate and improve security tools and processes to address evolving security.

We're Excited if This is You

Experience and Qualifications of the Role

- Proficiency in cloud platforms (AWS, Azure, GCP), container orchestration tools (Kubernetes, Docker), and Infrastructure as Code (Terraform, Ansible).

- Experience in application security practices and tools, including static/dynamic analysis and familiarity with OWASP standards.

- Relevant certifications such as OSCP, CISSP, CCSP, CKA, and AWS/GCP/Azure Security certifications are desirable.

- Strong analytical, problem-solving, and communication skills. - Ability to work collaboratively in a dynamic environment.

- Minimum 7-years of experience in Information Security within cloud-native or SaaS technology environments.

- At least five years of hands-on experience securing Infrastructure as Code, Application Security, and Policy as Code (PaC) using coding languages such as Python, Go, JavaScript, or YAML.

- Minimum two years of experience automating and scaling CIS benchmarks or equivalent standards.

- Minimum two years of experience working in SOC Type II and/or NIST CSF certified environments.

- Extensive experience writing technical and business-friendly security documentation.

- Strong written and verbal communication skills in English.

Computer Skills Needed to Perform this Job

Proficiency in Microsoft Tools

Certificates, Licenses, Registrations

Offensive Security Certified Professional (OSCP), Certified Information Systems Security Professional (CISSP), or Certified Ethical Hacker (CEH), Certified Cloud Security Professional (CCSP)

Education

Bachelor's degree in Computer Science, Information Security, or a related field required.

Competencies

Action Oriented - Enjoys working hard; is action oriented and full of energy for the things that he/she sees as challenging; not fearful of acting with a minimum of planning; seizes more opportunities than others.

Building Effective Teams - Blends people into teams when needed; creates strong morale and spirit in his/her team; shares wins and successes; fosters open dialogue; lets people finish and be responsible for their work; defines success in terms of the whole team; creates a feeling of belonging in the team.

Confronting Direct Reports - Deals with problem direct reports firmly and in a timely manner; doesn't allow problems to fester; regularly reviews performance and holds timely discussions; can make negative decisions when all other efforts fail; deals effectively with troublemakers.

Dealing with Ambiguity - Can effectively cope with change; can shift gears comfortably; can decide and act without having the total picture; isn't upset when things are up in the air; doesn't have to finish things before moving on; can comfortably handle risk and uncertainty.

Managing Complexity - Can design practices, processes, and procedures which allow managing from a distance; is comfortable letting things manage themselves without intervening; can make things work through others without being there; can impact people and results remotely.

Peer Relationships - Can quickly find common ground and solve problems for the good of all; can represent his/her own interests and yet be fair to other groups; can solve problems with peers with a minimum of noise; is seen as a team player and is cooperative; easily gains trust and support of peers; encourages collaboration; can be candid with peers.

Timely Decision Making - Makes decisions in a timely manner, sometimes with incomplete information and under tight deadlines and pressure; able to make a quick decision.