Security Engineer - Lead

EXPERIENCE

• 8-11 Years

Core Skills

• Design and Implement security strategies, controls, and solutions for cloud environments via Infrastructure as Code (IaC) based on risk exposure (vulnerability remediation, cloud workload protections, security guardrails, permission boundaries, etc).

• Write detective controls tailored to the specific threats Abrigo’s cloud environment(s) face.

• Develop and maintain security standards and best practices for cloud environments.

• Develop, track and routinely report on KPIs, KRIs, ROI for Security Engineering to Director of Security Operations.

• Analyze security events and assessment data to detect patterns and trends and to identify security improvements to design and implement based on analysis.

• Collaborate with cross-functional teams to integrate security best practices into cloud-based applications and services.

• Collaborate with development and operations teams to integrate security into the software development lifecycle (SDLC) – Act as POC for Shift Left initiatives.

• Stay up to date with the latest security trends, threats, and technologies.

• Mentor and support other team members on security best practices.

• Routinely review and prioritize identified vulnerabilities by risk rating and determine path to remediation.

• Identify gaps and vulnerabilities in current security infrastructure, to determine the appropriate tools and controls to employ.

• Document Risk Findings from internal and external assessments, as well as published bulletins (CISA KEV, NIST CVE, etc.).

• Regular communication on vulnerability remediation project status to management and IT Risk Department.

• Coordinate application penetration testing and post-test remediation.

• Write and publish detailed documentation to internal wiki for security engineering efforts

Qualifications

• 5+ years of experience in cloud security engineering with particular focus on designing and implementing Cloud Security Solutions in AWS, using automation or process efficiencies.

• Extensive knowledge and understanding of cloud security best practices, including identity and access management, data encryption, and network security.

• Extensive experience with security automation.

• Extensive experience with Infrastructure as Code (IAC) – specifically, Terraform.

• Deep understanding of cloud computing principles and technologies (e.g., AWS, Azure, GCP).

• Extensive experience with AWS Firewall Manager, AWS Shield, AWS WAF, AWS Network Firewall rulesets, administration, etc.

• Experience with security tools and technologies (e.g., IDS/IPS, SIEM, DLP).

• Knowledge of security standards and frameworks (FFIEC CAT, NIST, CIS, AWS Foundations, CSA).

• Knowledge of Qualys Guard (VMDR. CSAM, etc.) a plus.

• Experience managing penetration test engagements with 3rd party testing vendor(s).

• Excellent problem-solving and analytical skills.

• Strong communication and interpersonal skills

• Relevant certifications (e.g., CCSK, CCSP, AWS Certified Security Specialty) are a plus.