Cloud Security Engineer (Contract)

Information Technology and Network Services New York, New York


About the Role:

As a Cloud Security Engineer, you will be instrumental in increasing the quality and level of security for our cloud environment.  You will work on automating security test suites by establishing a DevSecOps workflow that integrates into our CI/CD pipeline and will be working closely with engineering teams to leverage security testing as part of their software development lifecycle.

Deep familiarity with some of the following: AWS, IAM, Container technologies, Terraform, Ansible, Jenkins, Detective Control, Secrets management, and Python are critical requirements for success in this position.

About Your Contributions:

  • Design and develop automation to ensure platform, services, container, and machine security
  • Design trusted boundaries, systems security configurations and policy enforcement areas
  • Architect to reduce attack surface
  • Act as a security subject matter expert to support development and operations teams and activities
  • Recommend and help implement improved threat response capabilities into the DevOps platform
  • Coordinate testing activities including traditional penetration testing as well as developing automated security QA testing
  • Communicate security best practices and techniques
  • Improve secrets management and rotation policy
  • Audit the accuracy of identities and roles within various platforms
  • Interpret corporate security guidelines to cloud adoption framework
  • Technical writing of policies, standards, and procedures
  • Design and implement (Incident Response) IR RACI – define roles and responsibilities
  • Develop and implement IR playbook and runbook, investigative tools, and  SIRS plan
  • Create and execute Security Incident Response Simulation (SIRS) scenarios
About You:
  • Experience with a broad set of information security best practices and technologies (e.g. application security, risk management, data protection, encryption, identity and access management, logging and monitoring, network security, security governance, etc.) within cloud environments
  • Experience working with cloud access security brokers (CASB) and cloud security management / governance tools
  • Experience with various network and host based information security technologies, including firewalls, WAFs, intrusion/threat detection/prevention, data loss prevention, anti-malware, file integrity monitoring, etc.
  • Experience with encryption (at-rest, in-transit, in-use) and secrets and key management within cloud environments
  • Experience with information security testing methods and technologies, including penetration testing, web application security assessments, vulnerability assessments, etc.
  • Understanding of Secure Software Development Life Cycle (SSDLC) security requirements (e.g. risk assessments, threat modeling, security design reviews, static application security testing, and dynamic application security testing)
  • Understanding of enterprise IT security risk assessments and related frameworks (e.g. SOC2, ISO 270XX, NIST CSF, NIST 800-XX, COBIT, etc.) and industry best practices
  • Understanding of Cloud Security Alliance (CSA) framework, CSA Cloud Control Matrix (CCM), and CSA Consensus Assessments Initiative Questionnaire (CAIQ)

About Us:

Dotdash's vibrant brands help over 100 million users each month find answers, solve problems, and get inspired. Dotdash is among the fastest-growing publishers online, and its brands are the fastest-growing in their respective categories. Dotdash brands include Verywell, The Spruce, The Balance, Lifewire, ThoughtCo, and TripSavvy.

Dotdash embraces inclusivity and values our diverse community. We are committed to building a team based on qualifications, merit and business need. We are proud to be an equal opportunity employer and do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.