Cloud Security Engineer (Multi-Cloud)

Our partner is a a Hungarian company striving for innovative IT solutions. Their development team, part of an international development team, has expanded significantly, so if the following tasks sound interesting, please apply!

Primary responsibilities

• Developing, testing, and deploying Azure/AWS/GCP Security Controls across our partner's cloud tenants through 3rd part SaaS solutions.
• Evaluating our partner’s cloud security requirements and assess how these can be implemented into Detective cloud controls, for all CSPs.
• Working closely with vendors and partner squads to develop, deploy, and test Cloud security services.
• Developing and generating compliance reports that showcase the cloud infrastructure's drift management status.
• Working with resource owners to remediate configuration drifts.
• Defining priorities, coordinating with peer teams, and leading continuous improvement efforts of security tools, systems and processes.
• Research, investigate and implement newer technologies to continually evolve security capabilities.
• Integrating, configuring, documenting, and deploying compliant infrastructure and supporting services in the Cloud platform.
• Troubleshooting problems, analysing root cause, and (where possible) fixing bugs introduced by owned or managed security solutions.
• Collaborating with Risk Management, Security Architecture, and Cyber Incident Response teams to ensure necessary controls to Cloud services are deployed and tested.
• Working in a globally distributed team to provide innovative and robust Cloud-centric solutions.

Requirements

• Deep knowledge of at least one of the 3 main Cloud Service Providers (Azure, AWS, GCP).
• Knowledge of the Shared Responsibility Model; keen understanding of the security risks inherent in hosting cloud-based applications and data.
• Experience developing across the security assurance lifecycle (mainly detect & respond controls).
• Experience configuring native CSP security tooling and capabilities.
• Experience with CSPM and SaaS 3rd party solutions.
• Understanding of OPA/REGO.
• Azure, AWS and/or GCP Certifications.
• Security certification such as CISSP, GIAC, CISM, OSCP or equivalent.
• Configuration management and patch management using automated tools.
• Experience with governance, risk and cybersecurity frameworks such NIST CSF, COBIT 5, ISO 27001/2, ITIL.
• Familiarity with standard Azure/AWS/GCP security tooling such as Security Command Center, VPC Service Controls, Azure Monitor, Azure Policy, AWS SCP, AWS Config, AWS IAM Permission Boundary.
• Deep understanding of DevOps processes and workflows.
• Working knowledge of the Secure SDLC process.
• Experience with Infrastructure as Code (IaC) tooling such as Terraform.
• Strong in scripting languages such as PowerShell, Python and Bash.
• Experience creating technical architecture documentation.
• Excellent communication, written and interpersonal skills.
• Experience in IT Service Management.
• Ability to articulate complex technical concepts to non-technical stakeholders.
• A good command of English and in general good communication skills.
• Hungarian citizenship and language skills is a must.

Advantages

• Knowledge of Agile best practices and methodologies.
• Familiarity with Logging and data pipeline concepts and architectures in cloud.
• Experience with risk control frameworks and engagements with risk and regulatory functions.
• Experience in the financial industry.
• Practical experience in designing and configuring CICD pipelines.
• Practical experience in GitHub Actions and Jenkins.

Benefits

• You will have the opportunity to gain experience in exciting, long-term, innovative projects,
• Work in a multinational environment,
• Hybrid work (50% HO)
• A team of great engineers,
• Cafeteria.