Cyber Security Analyst
1) The tissue in plants that brings water upward from the roots;
2) a leading global water technology company.
Xylem, a leading global water technology company dedicated to solving the world’s most challenging water issues, is the leading global provider of efficient, innovative and sustainable water technologies improving the way water is used, managed, conserved and re-used. Our international team is unified in a common purpose: creating advanced technology and other trusted solutions to solve the world’s water challenges. We are committed to creating an organization of inclusion and diversity, where everyone feels involved, respected, valued and connected, and where everyone is free to bring their authentic selves and ideas.
If you are excited and passionate about helping us #letssolvewater, we want to hear from you! For more information, please visit us at www.xylem.com.
We Offer You More Than Just “A Job”
- Professional Development – To advance the capabilities of our people, we offer a wide variety of experiences to support our employees’ professional growth and continuous learning.
- Total Rewards – We offer comprehensive programs for compensation, benefits, recognition, learning and development, work-life integration and corporate citizenship.
- Watermark – Watermark is our corporate social responsibility program working to provide education and access to safe water to ensure healthy lives, gender equality, and resilient communities. Employees have the opportunity to learn and volunteer on various water-related projects.
- Employee Networks – Our Employee Networks provide a professional, supportive network for employees from diverse backgrounds, including Women’s, LGBT+ and Allies, Veteran’s, People of Color and Allies, Emerging Leaders, and Working Parents Networks.
The Role: Cloud Security Engineer
Essential Duties/Principal Responsibilities:
- Provide subject matter expertise in Cloud technologies and support security documentation by providing SME input into policy, standards, and guidelines
- Conceive new solutions to problems and take them through rapid prototyping, validation, iterative development and continuous test and deployment.
- Design and implementation of security technology solutions related specifically to security requirements of cloud hosted systems
- Design, architect, and implement network security features and functionality such as network access controls, inbound and outbound traffic filtering and monitoring, subnetting for isolation, etc
- Research, evaluate, design, test, recommend, and implement network security tools such as proxy servers, IDS/IPS tools, DDoS prevention tools, etc.
- Research emerging technologies in support of operational security control implementation and enhancements
- Administer network security and computing devices/systems that enforce security policies and controls in the Xylem/Sensus cloud environments
- Support a wide range of security technologies including, but not limited to: SIEM, NIDS/IPS, HIDS, malware analysis and protection, logical access controls, identity and access management, data loss prevention, content filtering technologies, application firewalls, vulnerability scanners, LDAP, forensic analysis software and security incident response
- Respond to external audits, penetration tests and vulnerability assessments
- Develop a library of deployable and documented cloud design scripts, processes, and procedures
- Perform project leadership tasks on select security projects
Skills and Competencies
- Experience with operational security tools
- Experience with AWS management tools such as AWS Config, Cloudtrail, Cloudwatch, Systems Manager, Trusted Advisor, WAF, etc.
- Experience with secure password storage, Anti-Virus/Anti-Malware, containerized vulnerability management (Twistlock/Aqua CSP), SafeNet/Gemalto Authentication, Tenable Security Center, Nessus Scanner, Qualys, Passive Vulnerability Scanner, ArcSight SIEM, ArcSight Logger, Sumo Logic.
- Experience with build/deployment tools and related environmental artifacts (such as Salt, Chef, Jenkins, Jira, Subversion and Git)
- Experience with infrastructure as code tools (Terraform and CloudFormation)
- Proven project management and organizational skills, specifically managing multiple concurrent projects
- Experience securing and supporting MongoDB, CouchDB or Cassandra
- Understand how to design and implement security tests in accordance with stated criteria
- Superior analytical, problem solving and decision making skills, applied with a solution-focused attitude
- Excellent written communication skills, demonstrating the ability to write with purpose, clarity, and accuracy
- Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance and professionalism
- Experience with the Atlassian Tools (Jira, Confluence, Bitbucket)
- Excellent teamwork skills
- 3 or more years of experience with the secure design and deployment of systems using AWS or Azure
- 3 or more years of experience with AWS or Azure security services
- 3 or more years of experience designing, developing and/or deploying security tools and technologies for cloud architectures
- High degree of comfort using containerization technology, minimally including Docker and Kubernetes
- Proficient with Python is a must.
- Must have solid background with Linux, Windows OS and network security
- Proficiency with firewalls and rule reviews, IDS/IPS (Network and Host level), vulnerability assessment tools, DLP, Wireless IDS/IPS, sniffers, TCP/IP protocol stack and the OSI layer, content management and filtering systems, VPN, remote access AAA, application white listing, password management/vaults, log management and correlation, and device/application hardening requirements
- Senior-level working knowledge of AWS tools including: VPCs, security groups, EC2, Route53, IAM, KMS, S3, CloudFormation, CloudWatch, Shield, WAF, etc.
- Proficiency in vulnerability management. Specifically with Nessus, Security Center, Tenable.io
- Experience with configuration management and automation (Terraform, Jenkins, DSC, Ansible, etc.)
- Proficient with OpenStack, Google Cloud Platform, Azure and/or IBM Cloud
- Experience maintaining unified security solutions across disparate cloud technologies, accounts, services, and landscapes