Senior Cloud Security Engineer
Toronto
Equitable Bank
At Equitable Bank, we specialize in providing branchless financial services that meet the unique needs of all Canadians. Our range of mortgages, savings accounts and investment options are designed to offer the right solutions to match any...This section should provide a concise overview of the role's primary objective within the organization. It explains the role’s significance, how it contributes to the company’s goals, and the main outcomes position is expected to achieve.
The Cloud Security Engineer will be responsible for designing, implementing, maintaining and operating all Cloud Security tools. In addition, this role will be taking the lead for many initiatives working with our technology and business teams by providing recommendations on best practices for Cloud Security and ensuring that the appropriate security controls are applied to meet expectations from both regulatory and legal requirements, while contributing to and aligning to our overall Cloud Security Strategy.
Main Activities:
- Deploy, maintain and provide advisory related to Cloud Security tooling such as CSPM, CNAPP, EASM, Kubernetes Security Scanning
- Design solutions and provide technical input with our Cloud Infrastructure teams to ensure that our environment is configured securely and aligning to industry best practices.
- Provide advisory services to our technology/business teams related to both infrastructure and cloud security.
- Respond to any escalations/incidents in our cloud environments.
- Develop and maintain any documentation related to cloud security processes and procedures while mentoring our engineers by providing guidance and leadership on them.
- Stay up to date with the most current trends and technology around cloud security and share any knowledge and measurements (KPIs, KRIs, etc) to leadership for continuous improvement
- Lead and drive the success of Cloud Security initiatives which would result in enhancing our security posture, improving our security platforms and further growing our cloud security strategy
- Create Policy as Code, Infrastructure as Code and HELM charts that ensure our infrastructure is built with security built-in.
- Ability to automate and work with scripting languages, such as Python, Powershell and bash
Knowledge/Skill Requirements:
- A college diploma or university degree is required. Higher accreditation (e.g. Bachelor of Computer Science) is preferred.
- At least 3-5 years of information security experience with 2yr+ in Cloud Security
- Strong understanding of Cloud Security concepts, best practices and solutions.
- Understanding of Application Security concepts, best practices is an asset.
- Experience working with Infrastructure as Code, Policy as Code and HELM charts.
- Experience setting up Cloud Security tooling and integration is required.
- In-depth Experience of cloud environments (Azure, AWS) is required.
- The following certifications are an asset: CISSP, CCSP, CCSK and other cloud-provider related certifications
- Experiencing with working in highly complex technical environments
- Understanding and experience with PCI, NIST, MCSB, HIPPA, ISO 27k is required
- Experience working in banking or financial services environment is an asset.
- Strong analytical and problem-solving skills
- Excellent communication and interpersonal skills.
Complexities/Thinking Challenges:
- Ability to adapt to constantly changing technical, regulatory, and compliance environments.
- Analytical mind capable of managing numerous information sources, making decisions, and providing data analysis reports to senior management.
- The job requires researching solutions and deciding between alternatives to deal with issues or challenges
- The job uses their functional or technical expertise to inform decisions
- Define the scope of the role's responsibilities and decision-making authority. This includes who the role reports to, what decisions they are empowered to make, and how their actions impact the organization. It should also cover any supervisory or leadership responsibilities.
- Reports directly to the Manager, DevSecOps & Infrastructure Security
- This position sets priorities for themselves
- This position is empowered to make decisions that impact their own position, however, there is decision-making involved relating to vulnerability management, which could have a potential impact on the overall reputation of the bank.
- It is unlikely the decisions made in this position would have a long-term performance impact to the bank.
- This position requires contact with suppliers, and potentially with other FIs through information sharing circles, like FS-ISAC. The nature of contact with suppliers is to troubleshoot issues with current products; to understand capabilities of new products. The nature of contact with other FIs is sharing information related to the cyber threat landscape and how to industry is adapting.
Accountability:
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security AWS Azure Banking Bash CCSK CCSP CISSP Cloud CNAPP Compliance Computer Science CSPM DevSecOps Helm ISO 27000 KPIs Kubernetes NIST PowerShell Python Scripting Security strategy Strategy Vulnerability management
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.