IT Operations Cloud Security Specialist


Summary

Responsible for day to day PCI DSS (PCI) and Service Organization Controls (SOC) compliant operations in Cloud environments. Manage the information systems infrastructure across multiple cloud service providers, sites and/or business units. Provide leadership to the staff who implement the development, design, optimization and ongoing support of technical information systems infrastructure platforms and IT support services.

Responsibilities

  • Oversee the day to day operations and maintenance of cloud infrastructure primarily in Microsoft Azure cloud and Amazon Web Services (AWS) environments.
  • Work with Development & InfoSec to maintain PCI and SOC compliant operations.
  • Create and maintain secure cloud-based PCI and SOC compliant data hosting solutions.
  • Participate in architecting, building and maintaining cloud systems for maximum performance, reliability and scalability.
  • Define and report on metrics relating to SLAs, systems capacity and uptime.
  • Create documentation around system, network infrastructure and compliance.
  • Participate in defining and implementation of the automation processes for cloud operations, including defining automation needs, usage of DevOps/system configuration tools.
  • Work to ensure security best practices, penetration testing, certifications are maintained.
  • Identify and document vulnerabilities and manage vulnerability resolution.
  • Document all processes and procedures in assigned areas of responsibility.
  • Assist with the evaluation, research and development of cloud security risk assessments, definition and implementation of security tools, design and implement security plans, and disseminate the DevSecOps practices across engineering teams.
  • Informs and advises leadership on information system technologies’ functionality, costs, benefits, resources and implementation requirements.
  • Update job knowledge by studying relevant tools, techniques, and equipment; participating in educational opportunities; reading professional publications; participating in professional organizations.
  • Protect operations by keeping information confidential.
  • Build trust and effective relationships with peers and provides leadership across the enterprise.
  • Work with internal team and partners to provide 24x7 operational support for our Cloud Services.
  • Participate in on-call rotation, as an escalation path.
  • Perform other duties as assigned.

KNOWLEDGE SKILLS & ABILITIES

POSITION REQUIREMENTS:

Minimum Education/Experience: Bachelor’s degree (BA or BS) from an accredited college or university plus a minimum of four (4) years of experience in the specific or related field.  Or High School Diploma or equivalent plus a minimum of eight (8) years of experience in the field.

Company / Industry Knowledge:  Prior experience in credit union or financial services industries is strongly preferred.

Certifications:  Microsoft Certified: Azure Security Engineer Associate or Microsoft Certified: Azure Security Engineer Associate or AWS Certified Security heavily desired.  CISSP, CCSK or CCSP are also desired.

Other Experience:

  • 3+ years of experience managing production systems in Microsoft Azure or Amazon Web Services and platforms.
  • 2+ years of experience in managing production-critical cloud infrastructures and DevOps environments.
  • 2+ years of IT operations management in a PCI DSS and Service Organization Controls (SOC) compliant organization.  Or equivalent experience in a regulated industry.
  • Strong understanding of cloud enabled architectures automation & orchestration of dynamic workloads and associated security.
  • Track record as an IT Systems Engineer and/or Cloud Engineer designing, building and launching products that customers love and have a real business impact.
  • Highly proficient with and can support Linux and Windows operating systems.
  • Experience with native cloud and third-party Identity and Access Management(IAM).
  • Experience with vulnerability management, penetration testing, and participating in ongoing security hardening projects.
  • Experience with PCI DSS, SOC, ISO, or SOX audits and examiners.
  • Experience working with CI/CD pipelines (Azure DevOps, Jenkins).
  • Experience maintaining cloud networks, firewalls, SIEMs, FIM and security best practices.
  • Experience with ISO 27001, NIST 800-71, and 800-53 standards.
  • Experience with Jira, Zendesk, or Remedy desired.
  • Strong ability to translate product needs to technology and understand technology.

SKILLS/ABILITIES:

Other Skills:

  • Problem framing – able to cut through the noise and laser focus on what really matters.
  • Strategic thinker, with the ability to dive into details, unfazed by technology complexity.
  • Detail-oriented, undaunted by technical detail, committed to flawless execution.
  • Strong problem-solving, decision-making and analytical skills.
  • Excellent interpersonal and organizational skills – a team player who can effectively partner with all levels of the company.
  • Strong project management skills.
  • Ability to handle numerous assignments simultaneously.
  • Ability to work independently and as part of a team.

Language Ability:  Excellent verbal and written communication skills. Ability to facilitate meetings and effectively present information to top management. Ability to read, analyze, and interpret common scientific and technical journals, financial reports, and legal documents.  Ability to respond to common inquiries or complaints from customers, or members of the business community.

Math Ability:  Ability to work with mathematical concepts such as probability and statistical inference.  Ability to apply concepts such as fractions, percentages, ratios, and proportions to practical situations.

Reasoning Ability: Ability to define problems, collect data, establish facts, and draw valid conclusions.  Ability to interpret an extensive variety of technical instructions in mathematical or diagram form and deal with several abstract and concrete variables.

Computer Skills:  Proficiency in Microsoft Office products, particularly Excel, PowerPoint, and Word, and a contact database product.

WORKING CONDITIONS:

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

While performing the duties of this job the employee is regularly required to sit, talk and hear.  The employee is frequently required to use hands and fingers in the course of daily job duties. The vision requirements include close vision. Significant mental stress may be incurred due to time deadlines, pressures and demands from both internal and external sources.  Overnight travel is possible likely (up to 10%) along with the ability to work effectively throughout the U.S. dealing with very different and numerous clients.

To apply, please send your resume and cover letter to HR@trellance.com.