DevSecOps Engineer

Description

About AllCloud

AllCloud is a global professional services company providing organizations with cloud enablement and transformation tools. As an AWS Premier Consulting Partner and audited MSP, a Salesforce Platinum Partner, and a Snowflake Premier Partner, AllCloud helps clients connect their front and back offices by building a new operating model to harness the benefits of cloud technology and data and analytics.

Job Summary

AllCloud is seeking a highly skilled and experienced Senior Cloud Security Specialist to join our team. As a Senior Cloud Security Specialist, you will be responsible for designing, implementing, and maintaining security measures to protect our cloud-based infrastructure and applications. You will work closely with our development and operations teams to ensure that security best practices are followed throughout the cloud environment. You will also be responsible for monitoring and responding to security incidents and conducting regular security audits and assessments. The ideal candidate has a strong background in cloud security, a deep understanding of cloud architectures, and a passion for staying up to date with the latest security threats and trends.

Responsibilities

• Design and implement security controls and measures to protect cloud-based infrastructure and applications.
• Collaborate with development and operations teams to integrate security into the software development lifecycle.
• Regular security assessments and audits should be conducted to identify vulnerabilities and recommend remediation actions.
• Monitor and respond to security incidents and conduct investigations as necessary.
• Stay current with emerging cloud security threats, vulnerabilities, and industry best practices.
• Develop and maintain security policies, procedures, and documentation.
• Perform security reviews of cloud service providers and third-party vendors.
• Provide guidance and support to internal teams on best practices for cloud security.
• Conduct cloud security awareness advisories for employees.

Requirements

• 3+ Proven experience working as a Security Operations Specialist, DevSecOps Engineer or in a similar role.
• Bachelor's degree in Computer Science, Information Technology, or a related field. At least one of the relevant certifications (e.g., AWS Certified Security - Specialty, AWS Certified Network - Specialty, AWS Solutions Architect - Professional, CCSP, CISSP). Additional certifications are a plus.
• Strong understanding of cloud computing concepts and AWS architectures. GCP is a plus.
• In-depth knowledge of cloud security best practices, standards, and frameworks (e.g., CIS Benchmarks, NIST, ISO 27001).
• Hands-on experience with cloud security tools and technologies (e.g., AWS Security services, Web Application Firewalls, Cloud Security Posture Management tools).
• Experience with infrastructure-as-code (IaC) tools such as Terraform or CloudFormation. CDK is a plus.
• Experience with python programming and boto3 library. TypeScript is a plus.
• Experience conducting security assessments and audits.
• Understanding of networking protocols and security technologies (e.g., VPN, Firewall, IDS/IPS).
• Knowledge of secure coding practices and common application security vulnerabilities.
• Strong analytical and problem-solving skills.
• Excellent communication and collaboration abilities.
• Ability to work effectively in a fast-paced, dynamic environment.

AllCloud is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under federal, provincial, or local law.