Security Engineer Sr - Cloud Security

About The Position

Requirements

• Successful candidates must demonstrate appropriate knowledge, skills, and abilities for a role.
• Listed below are skills, competencies, work experience, education, and required certifications/licensures needed to be successful in this position.
• Access Control (AC)
• Amazon Web Services (AWS)
• Building Architecture
• Cloud Infrastructure Security
• Cloud Native Security
• Customer Solutions
• Disaster Recovery Planning
• Information Security
• Microsoft Azure
• Network Security
• Physical Security
• Risk Assessments
• Security Technologies
• Analytical Thinking
• Effective Communications
• Information Security Management
• Information Security Technologies
• IT Environment
• IT Standards, Procedures & Policies
• Knowledge of Organization
• Problem Solving
• Roles at this level typically require a university / college degree.
• Higher level education such as a Masters degree, PhD, or certifications is desirable.
• Industry relevant experience is typically 8+ years.
• Specific certifications are often required.
• In lieu of a degree, a comparable combination of education, job specific certification(s), and experience (including military service) may be considered.

Nice To Haves

• Thorough understanding of AWS and Azure public cloud services and security best practices.
• Experience performing security gap analysis on Cloud Services or Cloud Infrastructure
• Experience in applying security controls as code to public cloud workloads in Azure and AWS.
• Experience creating innovative security solutions that balance security with all other corporate priorities
• Proficient in one or more scripting languages such as Python, Powershell, Bash, etc.
• Expertise with Git, including branching workflows.
• Experience with testing security controls to ensure the effectiveness of the control.
• Strong written and verbal communications skills.
• Process and detail oriented.
• Has demonstrated project leadership, taking ownership of larger team initiatives.
• Ability to “think outside the box” when considering options to address security controls at scale and across multiple cloud service providers.
• Expertise in SQL or SQL-type query languages

Responsibilities

• Build and test security controls for Azure resources and AWS services
• Validate security control effectiveness and promote to production workloads
• Work within agile team and proactively participate in planning sessions
• Engineer and Configure CSPM tools to effectively analyze and assess cloud workloads for compliance
• Enable key stakeholders with access to Prisma Cloud to utilize licensed components to full effectiveness
• Continuous learning environment – Our team does not stand still, a growth mindset that is continuously seeking new and better ways to solve security challenges is a must.
• Assess, implement, automate, and document security solutions and processes for Microsoft Azure and AWS
• Provide analysis of workloads to ensure alignment with operational security requirements in order to go to production.
• Work closely with Cloud Security Product Owner to refine backlog tickets and define priority and sizing
• Automate and orchestrate the process of Cloud software deployment (CI/CD) to integrate enterprise security standards, policies, configurations, and architectures, for applications, platforms, and infrastructure
• Assist DevOps team members with the development and operationalization of security
• Ensure the security posture of applications seeking deployment into Production
• Provides subject matter expertise when applying security concepts.
• Works as an engineering lead.
• Leverages technical knowledge and industry experience to design, build and maintain technology solutions.
• Responsible for deliverables related to program timelines.
• Responsible for working with architecture to take high level architectural designs and determining the specifics around implementation details (ex: sizing) integration details, onboarding and operationalization.
• Provides environmental expertise when engaged in the review of capabilities and/or functions, including the road map planning process.
• Is the identified capability owner for future enhancement requests.
• Leads in the evaluation of patches, updates, ongoing maintenance.
• Determines impacts to existing solutions when new standards are implemented.
• Drives collaboration with the operations team to identify pain points and implement corrective actions, and additional functions/features.
• Utilizes change control and other governance processes to ensure alignment of solutions.
• Develops detailed implementation, configuration, design, and engineering documentation.
• Build and implement solution.
• Works with operation partners to enable transition and day-to-day supportability.
• Provides engineering support to existing technology in a production environment, collaborating with other groups as required.
• Seeks opportunities to grow broad knowledge base to complement specific subject matter expertise.
• Provides mentoring and knowledge sharing with other members of the team.

Benefits

• PNC offers a comprehensive range of benefits to help meet your needs now and in the future.
• Depending on your eligibility, options for full-time employees include: medical/prescription drug coverage (with a Health Savings Account feature), dental and vision options; employee and spouse/child life insurance; short and long-term disability protection; 401(k) with PNC match, pension and stock purchase plans; dependent care reimbursement account; back-up child/elder care; adoption, surrogacy, and doula reimbursement; educational assistance, including select programs fully paid; a robust wellness program with financial incentives.
• In addition, PNC generally provides the following paid time off, depending on your eligibility: maternity and/or parental leave; up to 11 paid holidays each year; 9 occasional absence days each year, unless otherwise required by law; between 15 to 25 vacation days each year, depending on career level; and years of service.
• To learn more about these and other programs, including benefits for full time and part-time employees, visit pncthrive.com.
• PNC’s total rewards package includes things like time off, benefits, learning and career development, wellness programs, recognition and much more.