Summary

As a Product and Cloud Security Engineer, you will play a crucial role in ensuring the security of our organization's products and cloud infrastructure. You will be responsible for conducting security assessments, implementing security controls, and providing guidance to mitigate risks associated with our products and cloud environments. This role requires a deep understanding of product security principles, cloud technologies, and industry best practices to safeguard our assets and data. 

Responsibilities

Primary Responsibilities:

• Security Assessments:
  • Conduct vulnerability assessments & scanning of our products and cloud infrastructure to identify vulnerabilities, weaknesses, and compliance gaps.
  • Perform threat modeling exercises to assess potential security risks and develop mitigation strategies.
• Security Controls Implementation:
  • Implement and maintain security controls and measures within our products and cloud environments to protect against threats and vulnerabilities.
  • Work closely with development and operations teams to integrate security controls into the product development lifecycle and cloud deployment processes.
• Security Compliance:
  • Ensure that our products and cloud environments comply with relevant security standards, regulations, and industry best practices.
  • Monitor changes in security regulations and standards and assess their impact on our products and cloud security posture.
  • Complete vendor and supplier questionnaires and provide insights into contracts and SOWs
• Documentation:
  • Maintain accurate records of security events, alerts, and incident response activities in accordance with organizational policies and procedures. Document investigation findings, actions taken, and recommendations for improving detection and response capabilities.

Secondary Responsibilities:

• Incident Response and Remediation:
• • Investigate security incidents and breaches related to our products and cloud infrastructure, and coordinate response and remediation efforts.
  • Develop incident response plans and procedures to effectively address security incidents and minimize their impact.
  • Security Monitoring and Threat Detection:
  • Deploy and maintain security monitoring tools and systems to detect and respond to security threats and anomalous activities in our products and cloud environments.
  • Analyze security logs and alerts to identify potential security incidents and take appropriate action to mitigate risks.

Qualifications and Experience

• Bachelors degree in computer science, Information Security, or a related field. Master's degree or relevant certifications
• Proven 2-4 years experience in product security and cloud security, with a strong understanding of security principles, technologies, and best practices.
• Hands-on experience with security assessment tools, vulnerability scanning tools, and security monitoring solutions.
• Experience with cloud platforms such as AWS, Azure, or GCP, and proficiency in cloud security concepts and services.
• Knowledge of security standards and regulations such as ISO 27001, NIST, GDPR, HIPAA, and their implications on product and cloud security.
• Strong analytical and problem-solving skills, with the ability to identify security risks and develop effective mitigation strategies.
• Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate technical concepts to non-technical stakeholders.

Ability to work independently and prioritize tasks in a fast-paced environment.

• Relevant certifications such as C|EH, CCSP, CCSS, AWS Security or equivalent are a plus.

Skills

• Communications Skills
• Compliance Knowledge
• Data Security
• Problem Solving
• Risk Analysis
• Team Collaboration
• AWS