Security Engineer
Network/Security
Remote
Contract
Title: Security Engineer (L5)
Start Date: Immediate
Position Type: Contract
Location: Remote across USA
Job Overview:
We are seeking an experienced Security Engineer to join our team and play a pivotal role in the modernization and migration of currency applications and data within the bank environment to Google Cloud Platform (GCP). The primary objective of this role is to ensure that the bank’s security posture is robust and resilient throughout the entire cloud transformation process. This includes implementing security guardrails, protecting sensitive data, securing applications, and ensuring compliance with industry standards and regulations.
As a Security Engineer, you will collaborate with cross-functional teams to design, implement, and enforce comprehensive security measures in the cloud environment to safeguard applications, data, and infrastructure. You will play a critical role in identifying potential security risks, mitigating vulnerabilities, and ensuring secure migration of banking systems to GCP.
Key Responsibilities:
- Cloud Security Architecture: Design and implement secure cloud architectures on Google Cloud Platform (GCP) to protect data, applications, and infrastructure throughout the modernization and migration process.
- Security Guardrails: Establish and enforce security guardrails, policies, and best practices to ensure secure deployments in the cloud, including identity and access management (IAM), encryption, and network security.
- Application Security: Work with development teams to integrate secure coding practices, perform application security assessments (e.g., static/dynamic analysis), and implement necessary security controls for currency applications being migrated to GCP.
- Data Security & Privacy: Design and enforce data security strategies to protect sensitive banking data both in transit and at rest, ensuring compliance with industry regulations (e.g., PCI-DSS, GDPR, SOC 2).
- Threat Detection & Incident Response: Implement advanced threat detection, logging, and monitoring solutions to identify vulnerabilities, respond to incidents, and mitigate potential attacks or breaches in cloud-based environments.
- Vulnerability Management: Conduct regular vulnerability assessments and penetration testing on cloud infrastructure and applications to identify security weaknesses and implement corrective actions.
- Compliance & Regulatory Requirements: Ensure that cloud migrations and modernization efforts comply with relevant security and regulatory standards, including industry-specific requirements for financial institutions.
- Security Automation: Leverage automation tools (e.g., Terraform, Cloud Security Command Center) to deploy security policies and ensure continuous enforcement of security guardrails in the cloud environment.
- Collaboration with Cross-Functional Teams: Work closely with infrastructure, platform, and DevOps teams to ensure that security measures are integrated into the development, deployment, and operations of cloud-based applications and data systems.
- Security Training & Awareness: Provide security training and awareness for internal teams, promoting best practices and a security-first mindset throughout the organization.
- Documentation & Reporting: Create and maintain detailed documentation for security processes, policies, and incident responses. Provide regular reports to leadership on security posture, risks, and mitigation strategies.
Required Qualifications:
- Education: Bachelor’s degree in Computer Science, Information Security, or a related field. Certifications in cloud security (e.g., Google Cloud Certified - Professional Cloud Security Engineer) are highly desirable.
- Experience: Minimum of 5-7 years of experience in information security, with at least 3 years focused on cloud security, preferably on Google Cloud Platform (GCP).
- Cloud Security Expertise: Strong hands-on experience with GCP security services, including Identity & Access Management (IAM), Cloud Security Command Center, Cloud Armor, VPC Service Controls, and Cloud Key Management.
- Security Best Practices: Deep understanding of security best practices for cloud environments, including data encryption, network security, and identity and access management.
- Application Security: Experience with securing applications in the cloud, including performing security code reviews, dynamic/static analysis, and implementing secure SDLC practices.
- Cybersecurity & Threat Intelligence: Expertise in implementing SIEM (Security Information and Event Management) systems, threat intelligence, and threat hunting to identify and mitigate security incidents.
- Vulnerability Management: Experience with vulnerability management tools and techniques, including running regular scans, patch management, and penetration testing in the cloud environment.
- Regulatory Compliance: Knowledge of industry regulations and standards for financial institutions (e.g., PCI-DSS, GDPR, SOC 2) and the ability to design security solutions that meet compliance requirements.
- Incident Response: Experience developing and implementing incident response plans, identifying potential breaches, and managing the security incident lifecycle.
- Automation Tools: Familiarity with tools like Terraform, Cloud Deployment Manager, or Ansible for automating security configurations and deployments in the cloud.
Desired Skills:
- Strong Communication Skills: Excellent ability to communicate complex security concepts to both technical and non-technical stakeholders.
- Problem-Solving & Analytical Skills: Strong analytical skills to assess security risks, identify vulnerabilities, and design mitigation strategies effectively.
- Collaboration: Ability to work cross-functionally with development, DevOps, platform, and operations teams to ensure security is embedded into all aspects of the cloud migration process.
- Security Certifications: Additional certifications such as Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), or Certified Ethical Hacker (CEH) are a plus.
- Knowledge of Financial Industry Security Needs: Familiarity with banking-specific security concerns, such as protecting transactional data, regulatory compliance, and secure handling of currency applications.