Senior Cloud Security Engineer

As a Senior Cloud Security Engineer, the primary role is to enhance the security of our cloud environments across AWS, GCP, and Azure. This involves identifying and mitigating security risks, utilizing cloud-native security tools, and managing security solutions. The engineer will collaborate with various teams to integrate security into the software development lifecycle and maintain threat models. They will also ensure compliance with security and regulatory requirements, suggest risk mitigation strategies, and respond to security queries from clients and partners. Familiarity with cloud security platforms like CNAPP, CSPM, CWPP, CASB, CIEM, and the Wiz tool is essential.

This role requires networking knowledge, particularly with Cisco equipment, and experience with WAF, DDoS protection technologies, IDS, and threat intelligence.

Responsibilities:

The Senior Security Engineer primary job responsibilities include:

• Experience in cloud security or engineering in public cloud providers AWS, GCP and Azure.
• Experience with evaluating, reviewing, and deploying cloud native security tools in AWS and Azure.
• Hands-on experience with monitoring, configuring rules, and enforcement using cloud security platforms such as CNAPP, CSPM, CWPP, CASB and CIEM
• Lead network security initiatives with a primary focus on Cisco technologies (FirePower, ASA, ISE, Umbrella, Stealthwatch).
• Utilize the Wiz tool for cloud security posture management, including configuration analysis, vulnerability detection, and compliance monitoring.
• Select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security
• Determine, monitor and maintain our security posture, in collaboration with Engineering.
• Oversee and manage the deployment, integration and configuration of security solutions and of any enhancements to existing security solutions and the enterprise’s security documents.
• Collaborate with development, operations, and security teams to integrate security into all phases of the software development lifecycle.
• Implement and manage security policies, firewall configurations, and network segmentation strategies.
• Oversee the deployment and security of F5 technologies and WAF at the edge.
• Develop and implement DDoS protection strategies.
• Recommend actions/practices to management in order to ensure compliance with security and regulatory requirements in decision-making processes.
• Suggest actions in order to mitigate risk in any activity that potentially impacts security of existing IT and information management.
• Craft responses to client and partner security questionnaires
• Other duties as assigned

REQUIREMENTS

• B. A. or B.S. (or higher-level degree) in Computer Science or a similar engineering program with strong academic performance preferred
• 7+ years of Cloud Information Security experience, with a focus on public cloud providers such as AWS, GCP, and Azure
• AWS Security, CISSP, CISA, OSCP or other information security certification
• Security certifications such as Cisco CCNP Security, AWS Security, CISSP, CISA, OSCP are a plus
• Experience in performing security reviews of cloud application designs, source code and deployments
• Must have knowledge and stay up to date on the latest cloud security advisories, alerts and vulnerabilities.
• Strong verbal and written communication skills for a highly collaborative environment
• Rigorous attention to detail and focus on quality of deliverables
• Expertise in AWS services like EC2 & ECS, WAF & VPC configuration & IAM rules, and cloud security platforms such as CNAPP, CSPM, CWPP, CASB, CIEM
• Familiarity with Infrastructure as Code (IaC) tools like Terraform/CloudFormation.
• Comfortable with Python and able to read Java when necessary, with an emphasis on cloud security scripting and automation
• Proven team experience and comfort in a team-oriented environment

Passion for working with cloud technology and excitement for creating high quality, secure consumer technology products.

WHY WORK FOR ALARM.COM?

• Collaborate with outstanding people: We hire only the best. Our standards are high and our employees enjoy working alongside other high achievers.
• Make an immediate impact: New employees can expect to be given real responsibility for bringing new technologies to the marketplace. You are empowered to perform as soon as you join the Alarm.com team!
• Gain well rounded experience: Alarm.com offers a diverse and dynamic environment where you will get the chance to work directly with executives and develop expertise across multiple areas of the business.
• Focus on fun: Alarm.com places high value on our team culture. We even have a committee dedicated to hosting a stand-out holiday party, happy hours, and other fun corporate events.
• Alarm.com values working together and collaborating in person.  Our employees work from the office 4 days a week.

COMPANY INFO

Alarm.com is the leading cloud-based platform for smart security and the Internet of Things. More than 7.6 million home and business owners depend on our solutions every day to make their properties safer, smarter, and more efficient. And every day, we’re innovating new technologies in rapidly evolving spaces including AI, video analytics, facial recognition, machine learning, energy analytics, and more.  We’re seeking those who are passionate about creating change through technology and who want to make a lasting impact on the world around them. 

For more information, please visit www.alarm.com.

COMPANY BENEFITS

Alarm.com offers competitive pay and benefits inclusive of subsidized medical plan options, an HSA with generous company contribution, a 401(k) with employer match, and paid holidays, wellness time, and vacation increasing with tenure. Paid maternity and bonding leave, company-paid disability and life insurance, FSAs, well-being resources and activities, and a casual dress work environment are also part of our outstanding total rewards package!

Alarm.com is an Equal Opportunity Employer

In connection with your application, we collect information that identifies, reasonably relates to or describes you (“Personal Information”). The categories of Personal Information that we may collect include your name, government-issued identification number(s), email address, mailing address, other contact information, emergency contact information, employment history, educational history, criminal record, and demographic information.  We collect and use those categories of Personal Information about you for human resources and other business management purposes, including identifying and evaluating you as a candidate for potential or future employment or future positions, recordkeeping in relation to recruiting and hiring, conducting criminal background checks as permitted by law, conducting analytics, and ensuring compliance with applicable legal requirements and Company policies.  By submitting your application, you acknowledge that we may retain some of the personal data that you provide in your application for our internal operations such as managing our recruitment system and ensuring that we comply with labor laws and regulations even after we have made our employment decision.

Notice To Third Party Agencies:

Alarm.com understands the value of professional recruiting services.  However, we are not accepting resumes from recruiters or employment agencies for this position. In the event we receive a resume or candidate referral for this position from a third-party recruiter or agency without a previously signed agreement, we reserve the right to pursue and hire those candidate(s) without any financial obligation to you. If you are interested in working with Alarm.com, please email your company information and standard agreement to RecruitingPartnerships@Alarm.com.

JR103668