Cloud Security Engineer

SEI is seeking to hire a Cloud Security Engineer. You will be responsible for protecting the company's use of infrastructure, applications, and data in public cloud environments from security threats. The job involves implementing, monitoring, and maintaining cloud security strategies, tools, and practices designed to ensure that the cloud environments are secure and compliance with industry and company standards. Additionally, you will work closely with other information technology, development, and operations teams to integrate security best practices into cloud systems and workflows.

You should be adaptable, possess a wide range of technical skills, and demonstrate the ability to understand security & business requirements and collaborate with the various technology teams to deploy secure cloud infrastructures and applications. You should have the ability to communicate effectively with business managers, project managers, cloud engineers, application developers, technical operations and other personnel.

What you will do:

• Establish core architecture principles, patterns and decisions for the SEI Oracle Cloud Infrastructure (OCI) with a focus on scale and governance
• Socialize and foster the adoption of cloud security standards, patterns and polices across the enterprise using repeatable design patterns
• Ensure that all cloud solutions follow security, compliance controls, and conform to SEI Information Security standards.
• Partner with the various product teams and operationalize the security operating model for the SEI OCI landing zone and the business workloads
• Operationalize the delegated security responsibility model where product teams can independently adopt cloud services in a secure fashion with oversight
• Provide security reference code and perform code reviews of the terraform Infrastructure-as-Code modules of the various product teams
• Deploy OCI policies and custom inspection tools to audit and inspect the deployed infrastructure for security and compliance
• Review the OCI Security Center audit findings and define steps for remediation

What we need from you:

• BS/BA in Computer Science, Management Information Systems or equivalent work experience
• 5 years of experience in security architecture
• 5 years of cloud networking, infrastructure management concepts and tools including: OCI Virtual Cloud Network, OCI Resource Manager, OCI Monitoring, OCI Notifications, OCI Logging, OCI Events, OCI Streaming, OCI Compute, OCI Storage,
• 5 years of Cloud Security management and monitoring: OCI Identity Domain, Managing Groups, OCI Audit, OCI Vault, OCI Cloud Guard, Oracle Access Governance
• 3 years of hands-on experience with DevOps concepts and strategies
• Experience scripting in PowerShell, Python, Go, Perl or other languages
• Kubernetes & Container security experience a plus
• Security Certifications - CSA CCSK and either ISC2 CCSP or CISSP highly preferred
• Experience with successful IaaS, PaaS, & SaaS cloud architecture solutions for large organizations with proven sustained and secure deployments
• Familiarity with security patterns for OCI cloud computing platforms such as:
  • App services, Functions (e.g. FaaS), AKS, ML & AI platforms, Storage & Data services
• Experience with identity and access management frameworks like
  • AAD, PIM, OAuth, OpenID, SAML
• Experience with one or more security frameworks (e.g. CSA, CIS)
• In place of practical experience with OCI we would accept 5 years of practical experience with major cloud platforms preferably Azure and AWS.
• Practical experience with continuous integration concepts and tools including but not limited to Azure DevOps, Jenkins and GitHub
• Practical experience with prominent Infrastructure as Code tools like Terraform, Azure Resource Manager (ARM), Ansible, etc.
• Expertise securing MS Teams and O365 deployments a plus
• Expertise with cloud-native development methodologies and security patterns a plus
• Cloud Provider Certification

What we would like from you:

• Ability to adapt to changing priorities and willing to learn and advise on new developments and patterns
• Good analytical and interpersonal skills
• Good verbal and written communication skills
• Someone who will embody our SEI Values of courage, integrity, collaboration, inclusion, connection and fun. Please see our website for more information. https://www.seic.com/

SEI's competitive advantage: