Your Job
As the Cloud Security Engineer, you will help strengthen and expand our application security posture with a focus on CNAPP platform implementation and operations (Wiz). You will partner with development, engineering, product, and platform stakeholders across the software development lifecycle (SDLC) to onboard environments, configure and tune the platform, and mature the processes and guardrails that support secure cloud deployments. This role will contribute to developing cloud and code enforcement patterns that improve signal quality and drive timely remediation. As our program continues to mature, you will also spend more time enabling engineers directly in their IDEs and deployment pipelines as part of shift-left initiatives.
Our Team
The Application Security capability within GP Cyber Security is focused on managing risks associated with application development and cloud infrastructure systems through a comprehensive vulnerability management program. Our goal is to provide valuable insights to business partners, enabling profitable, risk-based cyber security management decisions. Our team supports operations and remediation across applications, cloud, and infrastructure, while also being involved in cyber tool management and maintenance. Our team also engages with stakeholders responsible for onboarding applications to our Cyber tools to help identify vulnerabilities and drive remediation through collaboration with various customers and stakeholders.
What You Will Do
- Support Application Security team in managing CNAPP tool, including integrations, connectors, alert creation, account onboarding, and tuning.
- Identify cloud vulnerabilities and misconfigurations, prioritize and risk adjust findings, consult on mitigation strategies, and ensure timely resolution through automated enforcements.
- Demonstrate self-motivation and direction, while utilizing strong organizational and project management skills, to effectively plan, execute, and complete tasks in a timely and efficient manner.
- Design and deliver training sessions to developers and stakeholders on secure cloud deployment practices, threat modeling, and risk assessment.
- Offer specialized application security guidance on projects, system issues, and during stakeholder meetings. Provide guidance on relevant application security industry standards and practices such as OWASP, ASVS, CIS, SANS, CWE, etc.
- Assist in developing and maintaining an ongoing security assurance program including development of appropriate scripts and monitoring capabilities to; verify security effectiveness, analyze data, develop trend analysis, and ensure compliance to existing standards, policies, and procedures.
- Conduct technical security risk assessments with internal and external resources as needed.
Who You Are (Basic Qualifications)
- Experience managing cyber security tools/platforms.
- Experience scripting using Python for automation and/or cloud infrastructure management.
- Experience deploying/supporting cloud infrastructure, and application security within a major cloud environment preferably AWS.
- Experience utilizing AI, LLM, Machine Learning, and/or code analysis platforms.
- Experience in partnering with different teams and influencing without authority to achieve business outcomes.
- Experience working autonomously in ambiguous work environment
What Will Put You Ahead
- Experience automating cloud security posture management enforcements.
- Experience with CI/CD, containers, microservices and/or software development.
- Experience testing and identifying web application vulnerabilities.
- Application Security Certifications (i.e. EC-CASE, OSCP, etc.).
- Experience providing organizational guidance for application security standards and practices such as OWASP, ASVS, CIS, SANS and CWE.
- AWS Certified Solutions Architect or comparable certification.
- Experience working in an Incident Response role.
Our Benefits
Our goal is for each employee, and their families, to live fulfilling and healthy lives. We provide essential resources and support to build and maintain physical, financial, and emotional strength - focusing on overall wellbeing so you can focus on what matters most. Our benefits plan includes - medical, dental, vision, flexible spending and health savings accounts, life insurance, ADD, disability, retirement, paid vacation/time off, educational assistance, and may also include infertility assistance, paid parental leave and adoption assistance. Specific eligibility criteria is set by the applicable Summary Plan Description, policy or guideline and benefits may vary by geographic region. If you have questions on what benefits apply to you, please speak to your recruiter.
Additionally, everyone has individual work and personal needs. We seek to enable the best work environment that helps you and the business work together to produce superior results.