Senior Cyber Security Engineer, Cloud and CI/CD Pipeline Security - Bethlehem
Guardian Life
Senior Cyber Security Engineer, Cloud and CI/CD Pipeline Security Overview Reporting to the Head of Cybersecurity Engineering Services, the position will be responsible for the maintaining of and continuous improvement to Guardian's security infrastructure. The individual will be challenged with working across a heterogeneous cross functional technology stack, delivering on key projects, performance enhancements, innovation, and responding to escalated security technology issues. The Guardian Cyber Security Engineering team engineers, builds and owns a broad variety of cutting-edge security controls that fall in the domains of Network, Endpoint, Data, Identity, Cloud and Application security within the Secure CI/CD Pipeline and are deployed within SAAS, PAAS, Private and Public IAAS environments. The Team is also responsible for ensuring efficiency, effectiveness, and resiliency of the said controls. The team assesses and prioritizes the modernization and effectiveness of Guardian's cyber security technology. The Security Engineering team partners with other Guardian cyber security and technology service teams & suppliers to build effective protective/detective controls, ensure their efficient and highly available operations, designs Security Monitoring and Response Use Cases with the goal to create robust countermeasures. The selected team member will follow a Secure DevOps methodology to support infrastructure as code that aligns with Guardian's strategy to shift-left and be proactive in remediating potential misconfigurations and vulnerabilities within the Company's CI/CD pipelines. You Are: A seasoned and experienced engineer who can translate mission, objectives, and goals into well-sequenced technical activities and who strives to get technology operating efficiently, reliably, by requiring the minimum of human intervention. Someone who thrives to partner & collaborate across the Company to deliver outstanding service to our internal business and technology colleagues by endorsing and promoting the Company's values, goals, and success factors. You Will: Design, implement, operationalize, and maintain cutting-edge Cloud, Pipeline and Application security technologies on-premises and in the Cloud. Perform risk and compliance self-assessments; identify, document, and remediate risks associated with defects in the current implementation or limitations of the above security controls. Conduct vendor and product feature assessments and proof of concepts to help Guardian maintain the best-in-class cyber security technology portfolio. Partner with other technology teams to define and implement Guardian cyber security strategy. Design and operationalize, through code development, the automated workflows for response to operational issues and for deployment of configuration changes. Partner with other technology teams to enhance Guardian CI/CD Pipeline with additional security controls and to broaden the self-service capabilities of Guardian Cloud environment. Resolve escalated service issues and coach other engineers on troubleshooting efforts. Partner with other technology teams in handling and responding to internal customer issues, conducting problem analysis, providing solutions for service level improvements, and ensuring timely remediation of security issues in accordance with corporate policies and standards. Provide advisory consulting services on the topics of cloud, pipeline and application security to the leadership, partner teams, internal customers; work with Company suppliers on product enhancements. Enhance existing and develop new processes, procedures, and baselines with respect to cyber security and the use and operation of information systems. Support internal and external audit and compliance reviews, lead the team on gathering requirements and evidence, and provide timely responses. Drive initiatives to grow the cyber security mindset and best practices across the Company, with an emphasis on gaining measurable results You Have: Intellectual curiosity and proven record of spotting anomalies and inconsistencies and identifying creative solutions to resolve security control deficiencies and to optimize performance. Strong analytical, critical thinking, and problem-solving skills, to assess the level of risk and potential impact of sub-optimal implementation of security controls to mitigate new cyber threats and reduce attack surfaces to the enterprise. Understanding of configuration best practices and performance baselines. 5 years of experience with implementing and operating Cloud Security controls in the domains of Network, Endpoint, Data, and Identity Security. Knowledge of CI/CD pipeline components and the integrations with the various security controls; knowledge of GIT. Working knowledge of Python, Terraform, programming and operating of Jenkins. Proven ability to interpret and correlate the data produced by various event sources network security devices, operating systems, web servers, Public Cloud IaaS, endpoint security agents, etc. Familiarity with TCP/IP protocol stack, including routing, network address translation, TCP/UDP connectivity, application-level protocols (HTTP, SMTP, DNS, etc.) Ability to further develop DevSecOps skillset to implement various security controls, define infrastructure as code, deploy cloud-based security services. Working knowledge of using an enterprise-grade SIEM to build dashboards, alerts, and reports. Strong communication and documentation skills; ability to develop reference documentation, network diagrams, standard operating procedures, process workflow and decision tree diagrams. Excellent organizational skills. You are detail-oriented and have an ability to manage and follow up on multiple competing priorities effectively. Customer-focused demeanor; excellent interpersonal skills and a sense of humor. Bachelor's degree in information technology or any STEM discipline; master's degree is preferred. Nice to have Developer-level knowledge of some of the following technologies: Puppet, Ansible, Splunk Phantom, Active Directory Group Policy. Experience with consuming vendor APIs. Knowledge of Microsoft Windows PowerShell. Recognized Security Industry and Public Cloud IaaS certifications (AWS, Azure, GCP). Familiarity with security industry standards and best practices (NIST 800-53, ISO27001, NIST CSF, HITRUST, NYDFS-Cybersecurity, HIPAA, FedRAMP, OWASP, etc.) Familiarity with ITIL; experience with incident, problem, change, and risk management. Location & Travel: 2 days a week at our offices in Holmdel, NJ, Bethlehem, PA, Stamford CT and New York, NY Salary Range $114,080.00 - $187,415.00 The salary range reflected above is a good faith estimate of base pay for the primary location of the position. The salary for this position ultimately will be determined based on the education, experience, knowledge, and abilities of the successful candidate. In addition to salary, this role may also be eligible for annual, sales, or other incentive compensation. Our Promise At Guardian, you'll have the support and flexibility to achieve your professional and personal goals. Through skill-building, leadership development and philanthropic opportunities, we provide opportunities to build communities and grow your career, surrounded by diverse colleagues with high ethical standards. Inspire Well-Being As part of Guardian's Purpose - to inspire well-being - we are committed to offering contemporary, supportive, flexible, and inclusive benefits and resources to our colleagues. Health Care Choice of [high deductible/copay] medical plans with prescription drugs, including coverage for fertility and transgender inclusive benefits Dental plan Vision plan Health care accounts - flexible spending, health reimbursement, and health savings accounts Critical illness insurance Life and Disability Insurance Company-paid Life and Disability insurance plus voluntary supplemental coverage Accident insurance Retirement and Financial 401(k) retirement plan with a company match, plus an annual age/service-based Company contribution and an annual profit-sharing contribution, if applicable Complimentary 1:1 financial guidance with a licensed Fidelity representative Time Off and Remote Work Flexible work arrangements (part in-person/part remote) Unlimited paid time off for most roles plus time off for volunteering, jury duty, voting, and bereavement Personal holidays for colleagues to use in recognition of religious, cultural, or civic days Paid parental leave and paid family and medical leave policies Emotional Well-being and Work-Life Emotional well-being, mental health, and work/life resources powered by Spring Health Wellness programs, including fitness program and equipment reimbursement Child, adult, and elder back-up care support through Bright Horizons Adoption assistance College planning Tuition reimbursement Student loan assistance Commuter benefits in select metropolitan areas Benefits apply to full-time eligible employees. Interns are not eligible for most Company benefits. Equal Employment Opportunity Guardian is an equal opportunity employer. All qualified applicants will be considered for employment without regard to age, race, color, creed, religion, sex, affectional or sexual orientation, national origin, ancestry, marital status, disability, military or veteran status, or any other classification protected by applicable law. Accommodations Guardian is committed to providing access, equal opportunity and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. Guardian also provides reasonable accommodations to qualified job applicants (and employees) to accommodate the individual's known limitations related to pregnancy, childbirth, or related medical conditions, unless doing so would create an undue hardship. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact applicant_accommodationglic.com.
Apply Now
Facebook
Whatsapp