This job board retrieves part of its jobs from: Toronto Jobs | Emplois Montréal | IT Jobs Canada

Job offers selected exclusively for people in Texas

To post a job, login or create an account |  Post a Job

Cloud Security Engineer

Bank of America

This is a Contract position in Houston, TX posted September 24, 2021.

Job Description: Cloud Security Engineer – Multi-Cloud Specialization: The Bank of America Global Information Security
– Cyber Security Defense team is a true global operations shop with leading edge tools, processes, and people.

The candidate must have deep knowledge of security controls, features, and operations for top Cloud providers with the focus on Microsoft Azure and Amazon Web Services.

Candidate should have relevant experience to be able to build operational information protection control environment in an Azure Cloud environment and Amazon Web Services.

The candidate should be intellectually curious about technology and have a strong desire to find and mitigate risks.

Bank of America Global Information Security encourages career mobility and this role will provide the opportunity to be part of a team where development and advancement is actively supported.

REQUIRED SKILLS: Deep experience in building, configuring, operating and/or securing cloud infrastructure and applications in Azure or AWS, either with native cloud service provider capabilities or tools such as Terraform, Ansible, CloudFormation, Azure Resource Manager, Google Cloud Deployment Manager, or CloudBridge BS in computer science, networking, information systems, computer engineering, or 4 years’ equivalent experience in information systems or software engineering Minimum of two years’ experience in network, system, or software architecture; design, implementation, support, and evaluation of security-focused tools and services Minimum of two years’ experience in identifying security issues and risks, and developing mitigation plans Minimum of two years’ experience with three or more of the following areas: cryptography, web and network protocols, data structures and algorithms, software development, threat modelling, pen tests, or vulnerability assessments Experience reviewing applications, infrastructure, and architectural designs to identify threats and vulnerabilities.

A broad knowledge of information security principles (e.g.

access control) and security capabilities Experience in evaluating, recommending, and implementing new and emerging security products and technologies as well as have the important skill to articulate technical limitations and requirements to business and technology partners Some experience with large on-prem or hybrid-cloud environments deployments.

Comfort working in Linux (RHEL, SUSE Enterprise, Ubuntu, CentOS, Rocky Linux) and CLI.

Self-motivated individual with the ability to leverage technical skills and correlate data to streamline analysis quickly and effectively Ability to navigate and collaborate effectively within a geographically complex and dispersed global corporation DESIRED SKILLS: Master’s degree in Computer Science, Networking, Information Systems, Computer Engineering, Systems Engineering, Electrical Engineering, Computational Mathematics, Computational Physics, Statistics, Cyber Security or 8 years’ equivalent experience Technical experience or understanding of commonly used endpoint (Tanium, CloudStrike, osquery, strace, Nagios), network (Bluecoat, Zeek, F5, Snort, Suricata, tcpdump, Wireshark), email (Exchange server, Proofpoint, DMARC), or workforce (M365, G Suite, SAP, MDM) software, technologies and standards Experience with Azure Security Center, AWS Cloud Security Hub, or Google Cloud Security Cloud and/or security certifications related to Cloud Architecture, Data Engineering, DevOps Engineering, DevSecOps, and Machine Learning is advantageous.

Experience managing, monitoring, automating, and securing large scale Kubernetes clusters using Infrastructure-as-Code (Terraform, SaltStack, Puppet, Chef, Ansible Tower, Docker), monitoring infrastructure (Kafka, TSDB, Prometheus, Grafana, Datadog, MariaDB, Elasticsearch, MongoDB, PostgreSQL, Splunk, rsyslog, Cloudwatch), and CI/CD pipelines (Jenkins, git, Artifactory, JIRA, BitBucket) Ability to independently assess risks and identify vulnerabilities in infrastructure with an eagerness to suggest new processes, policies, and overall improvements to internal security controls Strong analytical background or willingness to be undergo extensive paid training in data science, machine learning, and statistical analysis.

Some experience with cloud-based and on-prem data solutions (Apache Hadoop, Datastore, Firestore, Cloudera Data Platform, Big Query, Azure SQL, Cosmos DB, Red Shift, Apache Spark, ElastiCache, CloudSQL, Data Bricks, Snowflake, Apache Arrow, Apache Airflow, Flink).

Familiarity with common Information Security and data protection frameworks and standards (i.e.

CIS, NIST, MITRE, ITIL, HIPAA, GDPR, PCI DSSS, ISO 270001) Minimum of two years scripting or programming experience in Python, Scala, Go, Rust, or any modern programming language.

Java is also acceptable Experience working with incident response teams, vulnerability managers, threat intelligence researchers, Red/Purple teams, and/or HUNT researchers.

Experience with configuration management, orchestration, and automation tools, such as Terraform, Ansible, Puppet, Chef, SaltStack, or Packer Enterprise Role Overview: Analyzes, improves, implements, and executes security controls proactively to prevent external threat actors from infiltrating company information or systems.

Researches more advanced and complex attempts/efforts to compromise security protocols.

Maintains or reviews security systems, assesses security policies that control access to systems, and provides regular status updates to the management team.

Typically has 5-10 years of relevant experience and will act as an individual contributor.

Job Band: H5 Shift: 1st shift (United States of America) Hours Per Week: 40 Weekly Schedule: Referral Bonus Amount: 0 > Job Description: Cloud Security Engineer – Multi-Cloud Specialization: The Bank of America Global Information Security
– Cyber Security Defense team is a true global operations shop with leading edge tools, processes, and people.

The candidate must have deep knowledge of security controls, features, and operations for top Cloud providers with the focus on Microsoft Azure and Amazon Web Services.

Candidate should have relevant experience to be able to build operational information protection control environment in an Azure Cloud environment and Amazon Web Services.

The candidate should be intellectually curious about technology and have a strong desire to find and mitigate risks.

Bank of America Global Information Security encourages career mobility and this role will provide the opportunity to be part of a team where development and advancement is actively supported.

REQUIRED SKILLS: Deep experience in building, configuring, operating and/or securing cloud infrastructure and applications in Azure or AWS, either with native cloud service provider capabilities or tools such as Terraform, Ansible, CloudFormation, Azure Resource Manager, Google Cloud Deployment Manager, or CloudBridge BS in computer science, networking, information systems, computer engineering, or 4 years’ equivalent experience in information systems or software engineering Minimum of two years’ experience in network, system, or software architecture; design, implementation, support, and evaluation of security-focused tools and services Minimum of two years’ experience in identifying security issues and risks, and developing mitigation plans Minimum of two years’ experience with three or more of the following areas: cryptography, web and network protocols, data structures and algorithms, software development, threat modelling, pen tests, or vulnerability assessments Experience reviewing applications, infrastructure, and architectural designs to identify threats and vulnerabilities.

A broad knowledge of information security principles (e.g.

access control) and security capabilities Experience in evaluating, recommending, and implementing new and emerging security products and technologies as well as have the important skill to articulate technical limitations and requirements to business and technology partners Some experience with large on-prem or hybrid-cloud environments deployments.

Comfort working in Linux (RHEL, SUSE Enterprise, Ubuntu, CentOS, Rocky Linux) and CLI.

Self-motivated individual with the ability to leverage technical skills and correlate data to streamline analysis quickly and effectively Ability to navigate and collaborate effectively within a geographically complex and dispersed global corporation DESIRED SKILLS: Master’s degree in Computer Science, Networking, Information Systems, Computer Engineering, Systems Engineering, Electrical Engineering, Computational Mathematics, Computational Physics, Statistics, Cyber Security or 8 years’ equivalent experience Technical experience or understanding of commonly used endpoint (Tanium, CloudStrike, osquery, strace, Nagios), network (Bluecoat, Zeek, F5, Snort, Suricata, tcpdump, Wireshark), email (Exchange server, Proofpoint, DMARC), or workforce (M365, G Suite, SAP, MDM) software, technologies and standards Experience with Azure Security Center, AWS Cloud Security Hub, or Google Cloud Security Cloud and/or security certifications related to Cloud Architecture, Data Engineering, DevOps Engineering, DevSecOps, and Machine Learning is advantageous.

Experience managing, monitoring, automating, and securing large scale Kubernetes clusters using Infrastructure-as-Code (Terraform, SaltStack, Puppet, Chef, Ansible Tower, Docker), monitoring infrastructure (Kafka, TSDB, Prometheus, Grafana, Datadog, MariaDB, Elasticsearch, MongoDB, PostgreSQL, Splunk, rsyslog, Cloudwatch), and CI/CD pipelines (Jenkins, git, Artifactory, JIRA, BitBucket) Ability to independently assess risks and identify vulnerabilities in infrastructure with an eagerness to suggest new processes, policies, and overall improvements to internal security controls Strong analytical background or willingness to be undergo extensive paid training in data science, machine learning, and statistical analysis.

Some experience with cloud-based and on-prem data solutions (Apache Hadoop, Datastore, Firestore, Cloudera Data Platform, Big Query, Azure SQL, Cosmos DB, Red Shift, Apache Spark, ElastiCache, CloudSQL, Data Bricks, Snowflake, Apache Arrow, Apache Airflow, Flink).

Familiarity with common Information Security and data protection frameworks and standards (i.e.

CIS, NIST, MITRE, ITIL, HIPAA, GDPR, PCI DSSS, ISO 270001) Minimum of two years scripting or programming experience in Python, Scala, Go, Rust, or any modern programming language.

Java is also acceptable Experience working with incident response teams, vulnerability managers, threat intelligence researchers, Red/Purple teams, and/or HUNT researchers.

Experience with configuration management, orchestration, and automation tools, such as Terraform, Ansible, Puppet, Chef, SaltStack, or Packer Enterprise Role Overview: Analyzes, improves, implements, and executes security controls proactively to prevent external threat actors from infiltrating company information or systems.

Researches more advanced and complex attempts/efforts to compromise security protocols.

Maintains or reviews security systems, assesses security policies that control access to systems, and provides regular status updates to the management team.

Typically has 5-10 years of relevant experience and will act as an individual contributor.

Job Band: H5 Shift: 1st shift (United States of America) Hours Per Week: 40 Weekly Schedule: Referral Bonus Amount: 0 Job Description: Cloud Security Engineer – Multi-Cloud Specialization: The Bank of America Global Information Security
– Cyber Security Defense team is a true global operations shop with leading edge tools, processes, and people.

The candidate must have deep knowledge of security controls, features, and operations for top Cloud providers with the focus on Microsoft Azure and Amazon Web Services.

Candidate should have relevant experience to be able to build operational information protection control environment in an Azure Cloud environment and Amazon Web Services.

The candidate should be intellectually curious about technology and have a strong desire to find and mitigate risks.

Bank of America Global Information Security encourages career mobility and this role will provide the opportunity to be part of a team where development and advancement is actively supported.

REQUIRED SKILLS: Deep experience in building, configuring, operating and/or securing cloud infrastructure and applications in Azure or AWS, either with native cloud service provider capabilities or tools such as Terraform, Ansible, CloudFormation, Azure Resource Manager, Google Cloud Deployment Manager, or CloudBridge BS in computer science, networking, information systems, computer engineering, or 4 years’ equivalent experience in information systems or software engineering Minimum of two years’ experience in network, system, or software architecture; design, implementation, support, and evaluation of security-focused tools and services Minimum of two years’ experience in identifying security issues and risks, and developing mitigation plans Minimum of two years’ experience with three or more of the following areas: cryptography, web and network protocols, data structures and algorithms, software development, threat modelling, pen tests, or vulnerability assessments Experience reviewing applications, infrastructure, and architectural designs to identify threats and vulnerabilities.

A broad knowledge of information security principles (e.g.

access control) and security capabilities Experience in evaluating, recommending, and implementing new and emerging security products and technologies as well as have the important skill to articulate technical limitations and requirements to business and technology partners Some experience with large on-prem or hybrid-cloud environments deployments.

Comfort working in Linux (RHEL, SUSE Enterprise, Ubuntu, CentOS, Rocky Linux) and CLI.

Self-motivated individual with the ability to leverage technical skills and correlate data to streamline analysis quickly and effectively Ability to navigate and collaborate effectively within a geographically complex and dispersed global corporation DESIRED SKILLS: Master’s degree in Computer Science, Networking, Information Systems, Computer Engineering, Systems Engineering, Electrical Engineering, Computational Mathematics, Computational Physics, Statistics, Cyber Security or 8 years’ equivalent experience Technical experience or understanding of commonly used endpoint (Tanium, CloudStrike, osquery, strace, Nagios), network (Bluecoat, Zeek, F5, Snort, Suricata, tcpdump, Wireshark), email (Exchange server, Proofpoint, DMARC), or workforce (M365, G Suite, SAP, MDM) software, technologies and standards Experience with Azure Security Center, AWS Cloud Security Hub, or Google Cloud Security Cloud and/or security certifications related to Cloud Architecture, Data Engineering, DevOps Engineering, DevSecOps, and Machine Learning is advantageous.

Experience managing, monitoring, automating, and securing large scale Kubernetes clusters using Infrastructure-as-Code (Terraform, SaltStack, Puppet, Chef, Ansible Tower, Docker), monitoring infrastructure (Kafka, TSDB, Prometheus, Grafana, Datadog, MariaDB, Elasticsearch, MongoDB, PostgreSQL, Splunk, rsyslog, Cloudwatch), and CI/CD pipelines (Jenkins, git, Artifactory, JIRA, BitBucket) Ability to independently assess risks and identify vulnerabilities in infrastructure with an eagerness to suggest new processes, policies, and overall improvements to internal security controls Strong analytical background or willingness to be undergo extensive paid training in data science, machine learning, and statistical analysis.

Some experience with cloud-based and on-prem data solutions (Apache Hadoop, Datastore, Firestore, Cloudera Data Platform, Big Query, Azure SQL, Cosmos DB, Red Shift, Apache Spark, ElastiCache, CloudSQL, Data Bricks, Snowflake, Apache Arrow, Apache Airflow, Flink).

Familiarity with common Information Security and data protection frameworks and standards (i.e.

CIS, NIST, MITRE, ITIL, HIPAA, GDPR, PCI DSSS, ISO 270001) Minimum of two years scripting or programming experience in Python, Scala, Go, Rust, or any modern programming language.

Java is also acceptable Experience working with incident response teams, vulnerability managers, threat intelligence researchers, Red/Purple teams, and/or HUNT researchers.

Experience with configuration management, orchestration, and automation tools, such as Terraform, Ansible, Puppet, Chef, SaltStack, or Packer Enterprise Role Overview: Analyzes, improves, implements, and executes security controls proactively to prevent external threat actors from infiltrating company information or systems.

Researches more advanced and complex attempts/efforts to compromise security protocols.

Maintains or reviews security systems, assesses security policies that control access to systems, and provides regular status updates to the management team.

Typically has 5-10 years of relevant experience and will act as an individual contributor.

Shift: 1st shift (United States of America) Hours Per Week: 40