Cloud Security Engineer

Description:

The Cloud Security Engineer is the Technology Service Unit’s subject matter expert on cyber systems security, responsible for providing technical leadership in cyber security. This role is responsible for having a deep understanding of current OSC Cyber Security systems, the broader technological environment and playing a pivotal role in ensuring the implementation of solid cyber security solutions in support of the IT modernization. The Cloud Security Engineer will design and implement security systems to protect the OSC’s compute environment, networks, and systems from cyber-attacks while helping to maintain a solid security posture. They will monitor systems, detect security threats ('events'), analyze alarms, report on threats or intrusion attempts, while taking the necessary remediation steps by either resolving them or escalating them to the appropriate owner. This role supports the Chief Technology Officer, Chief Information Security Office and the Manager, Technology Services in performing the project and operational work required for the OSC’s Information Security Program.

Key Duties and Responsibilities

Management of OSC compute, network and system security activities
Test and evaluate new security products to assess alignment with OSC ecosystem.
Identify, prioritize, and mitigate vulnerabilities across all assets in the OSC.
Monitor and take the necessary action on attacks, intrusions, unusual/unauthorized activity, phishing emails and spam activity.
Investigate security alerts/breaches and provide the necessary incident response.
Proactively determine emerging threat patterns / vulnerabilities and identify potential weaknesses using advanced analytic tools and appropriate security controls.
Research and evaluate emerging cyber security threats and make recommendations on approaches and strategies to mitigate them.
Liaise with the Information Security Office and stakeholders in relation to security issues and to provide recommendations.
Generate qualitative reports on privileged accounts and vulnerabilities (etc.) for both technical and non-technical staff to understand our security risk and monitor progress on the necessary remediations.
Identify new technology, resolve vendor issues, negotiate statements of work and design solutions and accountable for the implementation of the OSC’s security systems or controls.
Assist infrastructure teams in troubleshooting cyber security related integration issues.
Work on the procurement process to evaluate vendors and assessment products based on defined requirements.
Develop and maintain documentation for various security systems and applications.
Keep up to date with the latest security and technology developments.
Assist with the creation, maintenance, and delivery of information security awareness training campaigns.
Plan for disaster recovery and create contingency plans in the event of any security disruptions to normal operations.

Qualifications

A relevant degree Computer Science or a comparable field of study, or certificate in Information Security (or equivalent experience)
Industry certifications such as CISSP, Certified Information Systems Security Professional or GISP, GIAC Information Security Professional are preferred
A minimum of 7-10 years of relevant experience in IT security or information risk management
Strong knowledge of technology and security topics including network and application security, infrastructure hardening, security baselines, web server, and database security
Solid understanding of general networking principles and common protocols
Familiar with ISO/IEC 27000 family of standards for Information Security Management, NIST series of standards related to Information Security and Risk Management and other best practices for information security
Good working knowledge of various security technologies such as network and application firewalls, segmentation, policy management, proxies, web filtering, SIEM, end point protection, secure remote access solutions (VPN, SSO & MFA) anti-virus and security operations
Experience in vulnerability assessment scanning, secure code, and infrastructure security reviews for internal and external facing (web) applications
Experience with system development lifecycles (SDLC) and embedding security assurance into the planning, implementation, testing and deployment of solutions
Experience with Public Key Infrastructure (PKI) management
Experience with cloud security & integration (preferably Azure Cloud)
Experience with Pao Alto Firewalls, PRISMA and related technologies
Experience with Azure Premium Firewalls, Network Security Group (NSG) and related technologies
Experience with Cisco switches and related technologies
Familiarity with some or all of Microsoft Security set of products, and depth experience in at least 1 of the following: Azure Sentinel, Azure Security Center (ASC), Windows Defender Advanced Threat Protection (WDATP) Microsoft Cloud App Security Broker (CASB) Solutions - Microsoft Cloud App Security (MCAS) / Office 365 Cloud App Security (OCAS) / Azure AD Cloud App Discovery Office 365 Advanced Threat Protection (O365 ATP), Office 365 Threat Intel (O365 TI), Azure Advanced Threat Protection (Azure ATP).
Solid understanding of TCP/IP, BGP, OSPF and related protocol stack
An understanding of the information security risks associated with various technologies and ways to manage them
Familiar with ITIL Change Management process
Analytical and problem-solving skills to identify and assess risks, threats, patterns, and trends
Strong oral and written communication skills
Excellent attention to detail
Teamworking skills to collaborate with team members and clients
An ability to work under pressure, particularly when dealing with threats and at times of high demand
Time-management and organisational skills to manage a variety of tasks/competing priorities and meet deadlines