Job Title Security Engineer
Date Posted 8/25/2021
Location Redmond, WA
Status A
Max Salary 145,000.00 USD
Job Type Contract Full-Time
Position Id 200573
Written By FB
Job Description Redmond, WA

AC – Security Engineer

Assist the AC team to define the future of mobility by implementing a cloud-based device platform designed to deliver innovative, new connected car services and solutions tailored to customer needs. As a Security Engineer you will research, test and implement new cloud programs to secure the platform. You’re known for solving technical problems, driving efficient investigations, building prototypes, monitoring and managing, scalable and efficient platforms for the cloud.

Operational Work – 100% of time

  • Responds to Security Center Alerts, Operational Incidents (Pager Duty) and Security Incidents (Azure Sentinel)
  • Assists with platforms builds and proof of concepts (POCs), prototypes, pilots and products.
  • Collaborate with business leaders, partners and architects on the technical and functional needs of platform.
  • Continuously deliver best practices and operations for security and compliance while maintaining customers’ business productivity and collaboration.
  • You have experience identifying, providing and validating security requirements of engineering/IT solutions, in a Cloud/SaaS environment.
  • You effectively assess then convey security risks and mitigation recommendations to technical as well as non-technical stakeholders
  • You are a subject matter expert in Microsoft security technology
  • Assist with the implementation and maintenance of information security activities including access/identity management, vulnerability assessments, penetration testing, infrastructure and regulatory compliance with privacy laws
  • Analyze business needs and oversee security architecture, administration and policy planning to reduce the risk of a security breach
  • Act as a subject matter expert, providing mentorship and direction on standard methodologies for the protection of information as well as a DevSecOps champion across the organization.
  • Implement/monitor threat protection for compute, storage, and networks
  • Azure Sentinel Incident response and investigation. Configure Log Analytics workspaces for incident investigation and alerting for identified threats
  • Penetration testing/Resilience/Fault Tolerance
  • Works with managed security services to monitor logs and report security events
  • Perform analysis of system security on Azure Virtual Machines, Cloud Services and Data
  • Understand and deploy encryption technologies such as TLS, IPSEC, certificates, etc

Years of Relevant Experience

  • 7+ years of scripting for system/resource automation
  • 4+ years public IaaS/PaaS cloud security experience
  • 4+ years managing Identity and Access Management systems
  • Experience monitoring, alerting and managing multi-region high scale distributed systems
  • Experience in Azure Monitor, Log Analytics, and KQL
  • Experience with Azure Policy, Security Center and Azure Sentinel

Required Skills

  • DevOps and CI/CD tool chains (i.e. Jenkins, Spinnaker, Azure DevOps and developer services)
  • Expertise implementing and monitoring IaaS/PaaS security solutions in public cloud platforms (e.g. Azure, AWS, Google Cloud)
  • Proficiency in one or more of the following security technologies: data loss prevention, encryption, cloud access security brokers, identity and access management, micro-segmentation, multi-factor authentication, endpoint protection, threat modeling, fault tolerance and failover, SIEM/SOAR and perimeter defense
  • Proficiency implementing security solutions in zero-trust networks
  • Knowledge of information security standards (NIST, ISO, GDPR, etc)

Desired Skills

  • Microsoft Azure certifications
  • Experience with NoSQL Technology (e.g. Cassandra, MongoDB, HBase, DynamoDB etc.)
  • Security tooling for Container orchestration systems (i.e. Docker, Kubernetes, OpenShift, Cloud Foundry, GitHub).

Education Required

  • S. in Computer Science (or equivalent experience)
  • Desired: GSEC (or other GIAC certification) or CISSP (plus)

Work Flexibility

  • Remote fulltime role
  • Schedule: Monday – Friday business hours (e.g. 8am -5pm) Pacific Time
  • No travel required