Cloud Security Engineer
US - Remote - California - Bay Area, US - Remote - Massachusetts , US - Headquarters - Maryland - Columbia
Full Time Senior-level / Expert USD 100K - 133K
Tenable
Tenable helps you find, prioritize & fix cyber risk, in the cloud and on-prem, using robust security, vulnerability management, and compliance tools.Who is Tenable?
Tenable® is the Exposure Management company. 44,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. Our global employees support 65 percent of the Fortune 500, 45 percent of the Global 2000, and large government agencies. Come be part of our journey!
What makes Tenable such a great place to work?
Ask a member of our team and they’ll answer, “Our people!” We work together to build and innovate best-in-class cybersecurity solutions for our customers; all while creating a culture of belonging, respect, and excellence where we can be our best selves. When you’re part of our #OneTenable team, you can expect to partner with some of the most talented and passionate people in the industry, and have the support and resources you need to do work that truly matters. We deliver results that exceed expectations and we win together!
Your Role:
Tenable is looking for a Cloud Security Engineer to join our Information Security team and help keep Tenable’s cloud services, applications, products and platforms secure.
The Cloud Security Engineer at Tenable is a hands-on role that requires security expertise within the cloud, automation and application security ecosystems. This is a position with high exposure to a lot of key security programs in a fast paced environment. You will be learning quickly and often as no two days will be the same. You will be responsible for security related tasks, including the operations of our cloud security and application security programs which maintain both a mentality of "shifting left" and monitoring runtime production. Your responsibilities will also include performing analysis on security alerts from various sources, following up on risk exposure, making practical recommendations to reduce risks, and then help realize the change. Your daily tasks will have you interacting closely with personnel from other functions in Information Security, Engineering, Product, Research, and Product Management.
Your Opportunity:
Assess, design, implement, automate, and document security solutions and processes for Amazon Web Service (AWS), MS Azure, GCP, SaaS applications and other cloud platforms
Drive exposure management and remediation efforts – prioritizing issues, implementing mitigations, and designing strategic preventative controls
Work with end users on secure best practices in Infrastructure as Code, cloud design patterns and CI/CD with built in application security controls
Analyze and investigate events from Cybersecurity appliances or reported incidents
Document or update standard operating procedures matching day-to-day InfoSec operations
Establish and maintain strong working relationship with all team members and all business units
Assist engineering group in evaluating and deploying new solutions
Perform day-to-day analysis of logs to detect anomalies or events that could lead to incidents
Audit Tenable’s infrastructure and automate tasks to improve efficiency
Promote security awareness throughout the organization
Perform other duties as assigned
Implement “security as code” using cloud services and CI/CD components as necessary
Customize security compliance tools to meet operational, audit and risk based needs
Monitor system security events, SIEM tools, and network traffic for unusual or suspicious activity
Develop procedures to automate security tasks during code builds and deployments
What you’ll need:
Bachelor's Degree or equivalent working experience
2+ years experience with Amazon Web Services (AWS) or MS Azure
Understanding of Cloud Computing technologies and automation (HashiCorp, Terraform, Ansible, Cloudformation, etc.)
2+ years experience with at least 1 of the following: (Python, Bash, Ruby, AWS CLI, REST APIs)
Ability to break down complex problems and implement custom solutions or scripts beyond just basics to demonstrate thoroughness of problem solving and automated security
Understanding of DevOps environments working with and influencing developers to maintain security through CI/CD processes.
Basic knowledge of technology and security topics including network and application security, infrastructure hardening, security baselines, web server, and database security
Ability to clearly and effectively communicate concerns, issues, information security concepts to other teams
Experience with CNAPP, CSPM, or CIEM solutions
And ideally (but not required):
An understanding (or even hands on experience) of application security concepts such as SAST, DAST, SCA, WAFs, container security, threat modeling and runtime security testing
Experience with manual penetration and product security testing
Ability to build out Application Security Posture Management capabilities to let owners, developers and executives all realize our portfolio’s posture
Proficient and up to date with AWS security services and pros/cons to implementing each
Hands-on experience in MS Azure, Google Compute Cloud and 3rd party related cloud security tools
Any recognized security and cloud specific certifications, e.g., CCSP, SSCP, CISSP, AWS, Azure Certification, Google Cloud Certification
Ability to interface with developer and engineering community articulating security concepts, resolutions, risk and alternatives
#LI-SR1
#LI-Hybrid
This is the base pay range for this position. Compensation for the role will depend on a number of factors, including the candidate's qualifications, skills, competencies, location and experience, and may fall outside of the range shown. Employees are also eligible for variable compensation in addition to base pay (commission for sales roles, bonus for non-sales roles), depending on company and individual performance. Tenable also offers a variety of comprehensive and competitive benefits which include: medical, dental, vision, disability and life insurance; 401(k) retirement savings with company match; an employee stock purchase plan; an employee referral program; flexible spending accounts; an Employee Assistance Program (EAP); education assistance; parental leave; paid time off (PTO); company-paid holidays; health and wellness events; and community programs.
US Pay Ranges$100,000—$133,333.33 USDWe’re committed to promoting Equal Employment Opportunity (EEO) at Tenable - through all equal employment opportunity laws and regulations at the international, federal, state and local levels. If you need a reasonable accommodation due to a disability during the application or recruiting process, please contact Recruiting@Tenable.com for further assistance.
Tenable Data Consent Statement
Tenable is committed to protecting the privacy and security of your personal data. This Notice describes how we collect and use your personal data during and after your working relationship with us, in accordance with the General Data Protection Regulation (“GDPR”). Please click here to review.
For California Residents: The California Consumer Privacy Act (CCPA) requires that Tenable advise you of certain rights related to the collection of your private information. Please click here to review.
Tags: Ansible APIs Application security Automation AWS Azure Bash CCPA CCSP CI/CD CISSP Cloud CNAPP Compliance CSPM DAST DevOps GCP GDPR Monitoring Privacy Product security Python Ruby SaaS SAST SIEM SSCP Terraform
Perks/benefits: 401(k) matching Career development Competitive pay Equity / stock options Flex hours Flex vacation Health care Insurance Medical leave Parental leave Salary bonus Team events Wellness
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.