Cyber Security Cloud Engineer at Evolver, Inc. in San Francisco, CA
Evolver, a Converged Security Solutions company, is an information technology company serving the Federal, Commercial, and Legal markets that addresses client challenges in the present and transitions clients into the future by introducing efficient and effective IT solutions. With a dedicated focus on client satisfaction, CSS has proven its value time and time again, from managing day-to-day operations to skillfully navigating the implementation and support of new technologies. Our core competencies are infrastructure, application development, cybersecurity, cloud, end-user support, data analytics and legal services. We believe our employees are key to our success and continued growth. We attract and retain our diverse workforce by promoting a work-life balance with generous and flexible time off, competitive compensation and benefits, and a commitment to professional development. When you join our team, you join a community of talented and dedicated individuals whose abilities, skills, and actions contribute to the success of the company every day. Evolver is seeking a Cyber Security Cloud Engineer to join our team in San Francisco, CA. Essential Job Duties and Responsibilities Cybersecurity Engineer will drive IT Risk reduction, security, and compliance while ensuring that Information Technology supports the business objectives of the group. Additional responsibilities include:
Work with Internal stackholders in functions such as Privacy, Legal, Risk, Compliance, and Audit. Recommend and evaluate security controls and develop cloud security governance processes and procedures. Ideal candidate has prior experience in the area of cloud computing services, cloud security controls, vulnerability management, and identity and access management. Conduct vendor and internal assessments to ensure compliance with Company's security standards. Provide thought leadership and engage with Internal stakeholders to ensure alignment with business goals, and will support other cross-pillar information security teams in the execution of policy enforcement and global information security initiatives to reduce IT risks. Assess publicly and privately announced security vulnerabilities to determine the risk based on severity, threat likelihood and firm impact; Provide technical assistance for understanding vulnerability remediation and will serve as a subject matter expert on remediation as well as operating system, application and firmware patching. Will work in collaboration with the IT staff and service owners. Research and Evaluate new security products as well as administer internal security systems. Minimum Qualifications and Requirements 8-10
years of experience in information security or related technology experience required, experience in the securities or financial services industry is a plus. Strong knowledge of information security concepts, tools, trends and practices Experience with IT security risk assessments, vendor management and audits Experience with security management working in hybrid environment with applications being hosted internally and on cloud platforms (Azure, AWS or Google). Experience with leading projects, engaging stakeholders and driving stakeholder management Strong knowledge of technology and security topics including network security, wireless security, application security, infrastructure hardening and security baselines, web server and database security 4
years of cyber security and vulnerability management or penetration testing techniques and validation of results. Strong knowledge industry standards regarding vulnerability management including Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS) and Open Web Application Security Project (OWASP) Strong problem solving, verbal and written communication skills. Experience with IT governance or security frameworks such as NIST CSF, COBIT, ISO 27001, etc. Technical Requirements (required and desired) These are the preferred tools that we are seeking; Azure functions (deployment, logging, blue/green rollouts) Powershell scripting, azure cli Azure SQL SQL Managed Instances Azure Data Factory Machine Learning (jupyter notebook deployments) Privileged Identity Management Azure DevOps (repos, pipelines,artifacts) - understanding of SDLC processes and release management Documentation:
Cloudokit, must be able to clearly diagram solutions (visio, etc) Clear communications/writing, organized, time management NSG, vnet, TCP/IP expert level PrivateLink / ExpressRoute sFTP, Windows administration, OpenSSH Training and Certifications (required and desired) Certifications a plus:
CISSP, Comptia CASP/Security+, ISACA CISM, any GIAC/Department of Defense 8570 certifications. As a federal contractor and employer of more than 100 employees, we are compliant with the President's COVID-19 Action Plan for a Safer Workforce and Executive Order 14043. The successful candidate must provide proof of full vaccination for this position. EOE Statement At CSS, we foster teamwork, growth, individuality and entrepreneurialism. We value employee opinions and encourage them to make a difference by getting involved and being thought-leaders. As a part of the CSS team, we actively promote a working and learning environment that supports a highly qualified workforce and a quality of work life that is based on trust and respect for all employees resulting in a healthy and trusting organizational culture.
Salary Range:
$100K -- $150K
Minimum Qualification
Systems Architecture & Engineering, IT SecurityEstimated Salary: $20 to $28 per hour based on qualifications.
Work with Internal stackholders in functions such as Privacy, Legal, Risk, Compliance, and Audit. Recommend and evaluate security controls and develop cloud security governance processes and procedures. Ideal candidate has prior experience in the area of cloud computing services, cloud security controls, vulnerability management, and identity and access management. Conduct vendor and internal assessments to ensure compliance with Company's security standards. Provide thought leadership and engage with Internal stakeholders to ensure alignment with business goals, and will support other cross-pillar information security teams in the execution of policy enforcement and global information security initiatives to reduce IT risks. Assess publicly and privately announced security vulnerabilities to determine the risk based on severity, threat likelihood and firm impact; Provide technical assistance for understanding vulnerability remediation and will serve as a subject matter expert on remediation as well as operating system, application and firmware patching. Will work in collaboration with the IT staff and service owners. Research and Evaluate new security products as well as administer internal security systems. Minimum Qualifications and Requirements 8-10
years of experience in information security or related technology experience required, experience in the securities or financial services industry is a plus. Strong knowledge of information security concepts, tools, trends and practices Experience with IT security risk assessments, vendor management and audits Experience with security management working in hybrid environment with applications being hosted internally and on cloud platforms (Azure, AWS or Google). Experience with leading projects, engaging stakeholders and driving stakeholder management Strong knowledge of technology and security topics including network security, wireless security, application security, infrastructure hardening and security baselines, web server and database security 4
years of cyber security and vulnerability management or penetration testing techniques and validation of results. Strong knowledge industry standards regarding vulnerability management including Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS) and Open Web Application Security Project (OWASP) Strong problem solving, verbal and written communication skills. Experience with IT governance or security frameworks such as NIST CSF, COBIT, ISO 27001, etc. Technical Requirements (required and desired) These are the preferred tools that we are seeking; Azure functions (deployment, logging, blue/green rollouts) Powershell scripting, azure cli Azure SQL SQL Managed Instances Azure Data Factory Machine Learning (jupyter notebook deployments) Privileged Identity Management Azure DevOps (repos, pipelines,artifacts) - understanding of SDLC processes and release management Documentation:
Cloudokit, must be able to clearly diagram solutions (visio, etc) Clear communications/writing, organized, time management NSG, vnet, TCP/IP expert level PrivateLink / ExpressRoute sFTP, Windows administration, OpenSSH Training and Certifications (required and desired) Certifications a plus:
CISSP, Comptia CASP/Security+, ISACA CISM, any GIAC/Department of Defense 8570 certifications. As a federal contractor and employer of more than 100 employees, we are compliant with the President's COVID-19 Action Plan for a Safer Workforce and Executive Order 14043. The successful candidate must provide proof of full vaccination for this position. EOE Statement At CSS, we foster teamwork, growth, individuality and entrepreneurialism. We value employee opinions and encourage them to make a difference by getting involved and being thought-leaders. As a part of the CSS team, we actively promote a working and learning environment that supports a highly qualified workforce and a quality of work life that is based on trust and respect for all employees resulting in a healthy and trusting organizational culture.
Salary Range:
$100K -- $150K
Minimum Qualification
Systems Architecture & Engineering, IT SecurityEstimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
