Cloud Security Engineer

Role: Cloud Security Engineer

Type of hire: FTE or C2C

Location: Milford, MA

Who are we looking for?

• Mphasis is looking for a Cloud Security Engineer to join a dynamic team creating software that presents the capabilities and controls of scientific specialty measurement instruments for a wide range of end-user personas.
• The candidate will work collaboratively with the design lead, product owners, and other business stakeholders to understand requirement needs and then work further with development teams to get the requirements into marketable customer-facing products.

Responsibilities

• Collaborate with operations and engineering teams to implement and tune cloud-native security monitoring, tooling and reporting
• Define cloud security policies, standards, and best practices
• Design cloud-based network traffic flows to drive anomaly detection capability
• Mentor engineering and operations staff on unique cloud-based security controls
• Develop tools to improve cloud specific anomaly detection requirements
• Foster a culture of security by partnering with solutions architects to balance key performance and security
• Perform regular reviews of cloud infrastructure for security, and cloud best practices.
• Develop threat models to identify risks and prioritize improvements to our architecture.
• Drive the adoption of Authentication and Authorization reference architectures for managing cloud infrastructure.
• Educate peers on applying the latest cloud native technologies when developing new services, systems and applications.
• Contribute to a secure/compliant cloud-native service catalog
• Maintain Compliance across our Production, Development and Corporate systems hosted in the public clouds
• Collaborate with engineering and operations teams toward implementing controls and processes that address identified gaps

Qualifications

• BA/BS degree in Computer Science OR equivalent practical experience
• 8+ years working in IT, Engineering, DevOps, DevSecOps, or Security domains.
• Minimum 1 year of experience with active compliant environments, eg PCI-DSS, HITRUST, FEDRAMP or ISO 27001
• AWS or other Cloud Certifications
• Knowledge of risk assessment tools, technologies and methods
• At least 3 years implementing services on cloud infrastructure.
• Sound knowledge of AWS with experience implementing, reviewing, and strengthening new or existing deployments specifically with technologies like IAM, Guard Duty, and WAF.
• Experience with Infrastructure-as-Code products like Terraform and CloudFormation.
• Deep understanding of security principles including encryption, authentication, etc.
• Thorough understanding of networking protocols such as TCP/UDP, SSL/TLS, IPSec, etc.

Preferred Qualifications:

• Designing secure networks, systems, and application architecture
• Basic encryption theory and key management (PKI)
• Host or Network Based Intrusion Detection Tools (HIDS/NIDS)
• Compliance Automation
• Relevant security qualifications (CISSP, GSEC, AWS-SAA, AWS-SEC)