Information Security Engineer (Cloud Security) (MM)

23 Apr 2024

Vacancy expired!

YOUR LIFE'S MISSION: POSSIBLE You have goals, dreams, hobbies and things you're passionate about.

What's Important to You Is Important to UsWe're looking for people who not only want to do meaningful, challenging work, keep their skills sharp and move ahead, but who also take time for the things that matter to them-friends, family and passions. And we're looking for team members who are passionate about our mission-making a difference in military members' and their families' lives. Together, we can make it happen.

Don't take our word for it.

• Military Times 2021 Best for Vets Employers• WayUp Top 100 Internship Programs• Forbes® 2022 The Best Employers for New Grads• Forbes® America's Best Employers• Newsweek Top 100 Most Loved Workplaces• Fortune Best Workplaces for Women• Fortune 100 Best Companies to Work For®• Computerworld® Best Places to Work in IT

Basic Purpose To drive embedding security seamlessly into the product development lifecycle for cloud applications and environments. Serve as a technical interface and subject matter expert working with development teams on securing cloud infrastructure and workloads by designing, implementing, and operationalizing capabilities. Support the implementation of continuous security monitoring practices along with threat and vulnerability prevention, detection, and response capabilities on cloud assets. Works independently under limited supervision and/or in a team environment.

Responsibilities

• Collaborate with dependent teams to develop cloud security standards and verify controls are implemented for hardening infrastructure, hardening infrastructure as code, hardening CI/CD pipelines, and hardening containers • Translate cloud security policies and standards into machine-readable, automated guardrails using cloud-native, open source, custom scripting, and commercial security tools • Familiar with cloud security posture management (CSPM) and cloud workload protection capabilities (CWPP) and cloud native application protection platform (CNAPP) concepts• Develop and implement monitoring and contextual incident response alerting patterns targeting cloud infrastructure and runtime assets for the security operations center, including integration with SEIM/SOAR technologies• Implement automation to support Information Security reporting metrics to reflect overall cloud compliance and cloud security health to senior leadership• Provide subject matter expertise on cloud security threats and vulnerabilities that could impact the technology stack• Support definition of Secure SDLC standard to include security architecture, design and coding requirements for infrastructure, application, and data to align with application security maturity model and adopt a shift-left approach for security• Lead security innovation and best practices in product development through collaboration and learning from industry professionals and consortiums

Qualifications

• Bachelor's Degree in Information Technology or the equivalent combination of education, training, or experience• 5 years or more experience in the field of Information Security/Cybersecurity/Application Security• Experience with one or more cloud platforms (e.g. Azure, Amazon, Google Cloud Platform)• Experience in the practical application of the vulnerability management lifecycle and associated best practices• Experience in threat research, vulnerability analysis, risk assessment, CVSS scoring, and Common Vulnerabilities and Exposures (CVE)• Proficient with Azure native security tools like Defender for Cloud, Azure Policy, Sentinel• Proficient with Azure Resource Graph and Kusto Query and scripting languages• Experience with ARM and Infrastructure as code• Experience with cloud security analysis and design techniques• Experience with cloud security practices and procedures, including risk assessment, authentication technologies, security monitoring, runtime defenses, and security attack patterns and practices• Advanced knowledge in security best practices, principles, and common security frameworks such as OWASP, NIST and ISO• Hands-on experience with CIS, Azure Security Benchmark, CSA CCM controls• Experience with scripting languages like Java, Python, .Net• knowledge of secure architecture and design patterns for Web, Mobile and Microservices• Advanced knowledge of current and emerging threats and techniques for exploiting security vulnerabilities• Experience securing cloud infrastructure and applications• Advanced organizational, planning and time management skills• Advanced communication, presentation, and analytical skills

Desired

• Advanced degree in Information Technology, or the equivalent combination of education, training or experience• Experience with Azure DevOps, Kubernetes, Splunk, and Tanzu/Pivotal Cloud Foundry technologies• Experience implementing cloud security posture management and cloud-native application protection platform tools (e.g. Aqua, Prisma Cloud, Orca, Wiz)• CISSP, CISM or other related Information Security certifications• Advanced knowledge of Navy Federal's functions, philosophy, operations and organizational objectives

Hours: Monday - Friday, 8:00AM - 4:30PM

Location: 820 Follin Lane, Vienna, VA 22180 | 5550 Heritage Oaks Dr. Pensacola, FL 32526 | 141 Security Dr. Winchester, VA 22602

Navy Federal is now hybrid! Our standard enterprise requirement for a hybrid schedule is to report on-site 4-16 days each month. The number of days reporting on-site will ultimately be determined by the employee's leadership and business unit needs. You will learn more throughout the hiring and on boarding process.

Salary Range:$87,800 - $160,900 annually

Navy Federal Credit Union assesses market data to establish salary ranges that enable us to remain competitive. You are paid within the salary range, based on your experience, location and market position.

Posting End Date: 4/27/23

Job postings are subject to close early or extend out longer than the anticipated closing date at the hiring team's discretion based on qualified applicant volume.

#LI-Hybrid

Equal Employment Opportunity Navy Federal values, celebrates, and enacts diversity in the workplace. Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans. EOE/AA/M/F/Veteran/Disability

Disclaimer

Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need. An assessment may be required to compete for this position.

Bank Secrecy Act

Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.

Employee Referrals

This position is eligible for the TalentQuest employee referral program. If an employee referred you for this job, please apply using the system-generated link that was sent to you.

  • ID: #49766134
  • State: Virginia Vienna 22180 Vienna USA
  • City: Vienna
  • Salary: $87,800 - $160,900
  • Job type: Permanent
  • Showed: 2023-04-23
  • Deadline: 2023-06-21
  • Category: Security