Job Summary:
As an integral member of the Information Security Team, the Sr. Cloud Security Engineer role will be responsible for growing and leading many information security functions at Reltio. As a Sr. Cloud Security Engineer, you will use your technical experience to assess, design, engineer and implement various security and operational controls in Reltio's multi-cloud environment. These controls will be aligned and focused on achieving compliance with Reltio's security standards.
The Sr. Cloud Security Engineer will partner with other technology teams for initiatives related to security strategy and implementation. The successful candidate will partner with leaders across the business to develop and deliver solutions that support business strategies and protect Reltio’s intellectual property and customer data globally.
Job Duties and Responsibilities:
- Serve as a cloud security subject matter expert by guiding industry best practices and defense-in-depth strategies
- Proven experience with deploying security controls in a multi-cloud environment (AWS, GCP, Azure)
- Create security and operational controls to enforce various aspects of Reltio’s security policies
- Work with the respective functional teams and stakeholders to resolve security related configuration issues
- Perform technical risk assessments of new technology and ensure the solution meets secure architecture designs
- Assess and measure risk impact of a security deficiency and communicate the risk or risks to stakeholders
- Proactively identify issues and recommend configuration settings or supporting solutions to mitigate security deficiencies
Skills You Must Have:
- 5+ years of experience implementing security solutions
- Strong cybersecurity background and knowledge
- Understanding of cyber threat vectors and countermeasures
- Understanding of Linux/Unix and Windows platforms
- Understanding of Cloud Infrastructure and Cloud Security
- Understanding of networking (WAN, LAN, wLAN), network domains (Internet, intranet, DMZ), communication techniques/protocols (IP and others), and their combined effects on network and host systems security
- Strong knowledge of industry standard security technology: anti-virus & anti-malware, SIEM, SOAR, vulnerability scanning, DLP, firewall, IDS/IPS, etc.
- Strong experience with scripting and infrastructure-as-code (IaC)
- Experience with industry frameworks such as SOC1/SOC2, HITRUST, ISO
- Solid understanding of audit methodologies and processes
- Experience working with virtual teams in a global environment
- Strong communication and presentation skills
- Adaptable and agile
- Good interpersonal, partnership, and leadership skills (without direct authority of others)
Skills That Are Nice to Have:
- Experience developing and operationalizing a vulnerability management program
- Experience working with container-based architectures
- Security and Cloud certifications