The Cloud Security Engineer must possess a diverse background in cloud infrastructure and solutions, particularly with Microsoft Azure. Their expertise should span engineering and deploying secure cloud-hosted solutions, migrating enterprise on-premise systems to the cloud, and optimizing networking and security configurations. Key responsibilities include designing robust security measures, migrating on-premise solutions to Azure, optimizing networking and security configurations, and leading incident response activities.

This role entails collaborating with other engineers and technical personnel to guarantee that solutions are scalable, dependable, and sustainable. As a member of the CSRM team, the engineer contributes to shaping and implementing a secure cloud strategy that aligns with CNB's IT and business objectives, ensuring the delivery of capabilities necessary for business success. They leverage their experience and independent judgment to effectively plan and execute tasks directly related to bank administration matters.

Principal Duties & Responsibilities:

Design, implement, and manage cloud security solutions to safeguard data, applications, and infrastructure in cloud environments.

• Develop and enforce security policies, standards, and procedures to ensure compliance with regulatory requirements and industry best practices.

• Collaborate with cross-functional teams to integrate security controls into cloud-based architectures and solutions.

• Perform security assessments and audits of cloud environments and identify and remediate any security gaps or vulnerabilities where feasible.

• Monitor and respond to security incidents and events in the cloud and collaborate with other teams to resolve issues and mitigate risks.

• Oversees operating Cloud Workload Protection platforms like CSPM, CWPP, and SSPM, as well as enforcing policies and controls in alignment with configuration management and security posture management best practices.

• Independently applies strong understanding of DevOps/DevSecOps principles and firsthand experience in CI/CD processes, Infrastructure-as-Code with Terraform, containerization, and Kubernetes.

• Consulting with users on functional specifications, creates solutions that balance business requirements with Information/Cyber security requirements.

• Serves as a Subject Matter Expert (SME), provides technical support in identifying, evaluating, and developing Cloud solutions and procedures that mitigate risk and meet business requirements.

• Provides management updates, status reporting, and dashboards from a cloud platform security perspective to demonstrate progress and process maturity.

• Drives the selection of appropriate tools and solutions, and also review and assess the utilization of cloud security tooling.

• Applies in depth technical knowledge via certifications in cloud platforms and/or cyber security; examples include Azure Solutions Architect Expert, Azure Security Engineer Associate, Certified Cloud Security Professional (CCSP).

• Identifies and communicates current and emerging cloud security threats.

• Researches and identifies leading Cloud services (IaaS, PaaS, SaaS) to provide guidance and make recommendations based on a capability assessment.

• Provides support for issues ranging from single-user issues to system-wide problems.

• Performs other duties as assigned.

• 5-7 years of operational experience with Azure Cloud required.
• 2-4 years Azure-specific IaaS, PaaS, and service integration experience required.
• Must have hands on working knowledge in one or more of the following Azure service categories:
• Azure systems infrastructure experience with deep domain expertise in: Windows and/or Linux OS, networking, storage, high availability, DR Architecture, cloud security, application performance.
• App Service including: Web Apps, Mobile Apps, API Apps, or Logic Apps.
• Relational databases - database Architecture and design (PostgreSQL, MySQL, Oracle, MS SQL Server, Azure SQL DB PaaS Service).
• Ability to design and deploy a SecDevOps environment (Github, Jenkins, Bamboo, Eclipse, etc.).
• Familiarity with compliance and security standards.
• Experience in defending attacks utilizing Cyber Security technologies, including web application firewalls, anti-DDoS technologies, advanced anti-malware solutions, and network forensics and visibility solutions.
• Work experience with Active Directory administration, Windows system security administration, network, email, and application access management.
• Ability to work with Technical and Non-Technical business owners.
• Experience with drawing network and reference Architecture diagrams with MS Visio.
• Strong knowledge of MS Office tools (Project, Excel, Access, MS Word, PowerPoint, Visio, etc.) tool along with general familiarity with Outlook and other MS Office applications is also required.
• Cloud security certifications: Azure Solutions Architect Expert, Azure Security Engineer Associate, Certified Cloud Security Professional (CCSP) a plus.

• Bachelor's Degree in Information/Cyber Security, Computer Science, or a related technology field.

• Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities.
• Please view Equal Employment Opportunity Posters provided by OFCCP here.
• The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)
• Reasonable accommodation may be made to assist individuals with disabilities to complete the online application process. Please contact our Human Resources Department at 305-577-7680 or by e-mail at employment@citynational.com.