Senior Security Engineer - Cloud Focus en Accedere

Primary Responsibilities:

 • Define & drive roadmaps for the security engineering team. 

• Design, implement and maintain security controls for cloud based infrastructure. 

• Automate security controls using Security as Code, Policy as Code, Security Left, DevSecOps concepts. 

• Integrate tools to monitor and analyze security logs and alerts, identify potential threats and respond to security incidents. 

• Perform regular security assessments and audits of organization and cloud infrastructure in support of our ISO-27001 certification, SOC 2 efforts, and as part of our existing security plan. 

• Develop, deliver, and participate in social engineering exercises across different departments of the organization. 

• Establish a security-aware culture and manage security incidents together with the operational teams. 

• Provide guidance and technical mentorship for junior resources to help them grow and do the best work of their careers. 

• Help attract top level talent and lead the technical direction of the team.

Education and Experience: 

• Bachelor’s Degree in Computer Science, Information Security or related field. 

• 5+ years of experience in information security with focus on cloud security.

• Strong understanding of encryption, key management system, identity and access management, web application firewalls, data security, application security concepts and implementation. 

• Strong understanding of the compliance and regulatory requirements for cloud based systems such as GDPR and US data protection regulations. 

• Strong understanding of Azure, cloud computing technologies and architectures (AWS, or GCP). Cloud security relevant certifications from cloud providers or CCSP is a plus. 

• 5+ years experience securing network and perimeter infrastructures. 

• Experience with security tools such a s Firewalls, Intrusion Detection/Prevention Systems and vulnerability management. 

• Experience with programming languages such as Java and Python. 

• Knowledge of industry standard security framework, technologies, protocols, and best practices including but not limited to ISO 27001, PCI DSS, NIST, ISO/IEC, SOC 2, and OWASP is a plus. 

• Understanding of database functionality and security. Familiarity with Agile practices and CI/CD concepts. 

• Experience in communicating and leading discussions regarding technical solutions or problems to varying levels of the organization. 

• Ability to think creatively to solve problems and continuously improve.