We provide technology that community financial institutions use to manage risk and drive growth. Our solutions automate key processes – from anti-money laundering to fraud detection to CECL readiness to lending workflows – empowering our customers by addressing their Enterprise Risk Management needs.
This is an exciting opportunity for someone who is not only a master of their craft, but also shares our commitment to driving a strong company culture by putting their heart and soul into their work every day. We are looking for a Senior Cloud Security Engineer to join our team and assist in ensuring the security of our cloud-based systems and infrastructure. The ideal candidate has experience with implementing and maintaining security controls, conducting security assessments, and responding to security incidents. This position will report to the Director of Security Operations. This position will be based in Raleigh, NC, Austin, TX, or remotely.
What You’ll Do:
- Design and Implement security strategies, controls, and solutions for cloud environments via Infrastructure as Code (IaC) based on risk exposure (vulnerability remediation, cloud workload protections, security guardrails, permission boundaries, etc).
- Develop and maintain security standards and best practices for cloud environments.
- Develop, track and routinely report on KPIs, KRIs, ROI for Security Engineering to Director of Security Operations.
- Analyze security events and assessment data to detect patterns and trends and to identify security improvements to design and implement based on analysis.
- Collaborate with cross-functional teams to integrate security best practices into cloud-based applications and services.
- Collaborate with development and operations teams to integrate security into the software development lifecycle (SDLC) – Act as POC for Shift Left initiatives.
- Stay up to date with the latest security trends, threats, and technologies.
- Mentor and support other team members on security best practices.
- Routinely review and prioritize identified vulnerabilities by risk rating and determine path to remediation.
- Identify gaps and vulnerabilities in current security infrastructure, to determine the appropriate tools and controls to employ.
- Document Risk Findings from internal and external assessments, as well as published bulletins (CISA KEV, NIST CVE, etc.).
- Regular communication on vulnerability remediation project status to management and IT Risk Department.
- Coordinate application penetration testing and post-test remediation.
What You’ll Need:
- 5+ years of experience in cloud security engineering with particular focus on designing and implementing Cloud Security Solutions in AWS, using automation or process efficiencies.
- Extensive knowledge and understanding of cloud security best practices, including identity and access management, data encryption, and network security.
- Extensive experience with security automation.
- Extensive experience with Infrastructure as Code (IAC) – specifically, Terraform.
- Deep understanding of cloud computing principles and technologies (e.g., AWS, Azure, GCP).
- Extensive experience with AWS Firewall Manager, AWS Shield, AWS WAF, AWS Network Firewall rulesets, administration, etc.
- Experience with security tools and technologies (e.g., IDS/IPS, SIEM, DLP).
- Knowledge of security standards and frameworks (FFIEC CAT, NIST, CIS, AWS Foundations, CSA).
- Knowledge of Qualys Guard (VMDR. CSAM, etc.) a plus.
- Experience managing penetration test engagements with 3rd party testing vendor(s).
- Excellent problem-solving and analytical skills.
- Strong communication and interpersonal skills
- Relevant certifications (e.g., CCSK, CCSP, AWS Certified Security Specialty) are a plus.
What You'll Get:
- Market competitive total rewards package
- To be part of the Heart & SOUL of a winning company with an inspiring mission
- The opportunity to Make Big Things Happen
- Competitive salary along with full health benefits with an HSA option
- Flexible PTO and bank holidays
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, age, genetic trait, sexual orientation, national origin, disability status, or any other characteristic protected by law.
Abrigo is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at Careers@abrigo.com with the subject line accommodation.