Carfax, Inc. Centreville , VA 20122
Posted 4 weeks ago
Join Our Winning Team as a Cloud Security Engineer
Isn't it time you bragged about where you work? At CARFAX, we do, every day. We pride ourselves on being mission-focused on helping to grow a brand built on accuracy and integrity. We care deeply about our products and our customers. We're more than just a company: We help millions of consumers make more-informed decisions every day. We know that our teammates are our most valuable asset, and we value a balanced life while tackling challenging projects in a fast-paced environment. One last thing: Our four-day week continues in Summer 2024!
The Cloud Security Engineer role will play a pivotal role in safeguarding our organization's information systems, networks, and data assets from cyber threats. The successful candidate will join a team of talented security professionals, implement robust security measures, and contribute to the development and enhancement of our overall cybersecurity strategy.
At CARFAX, we believe in the power of teamwork and value in-person interactions so that we can collaborate and thrive together. This position will require 3 days per week in our Centreville, VA office subject to change with future business needs.
What you'll be doing:
Engineer and maintain security solutions in a dynamic private and public cloud environment
Secure applications and infrastructure in a large multi-account AWS Organization
Conduct detailed assessments of systems, applications, and infrastructure to ensure they are appropriate, secure, and defensible based on least privilege
Respond to and mitigate security incidents (ex. threat hunting, event analysis, investigations, post-incident analysis, etc.)
Develop and implement security strategies and policies to protect the organization's cloud assets
Integrate security tools into SIEM and SOAR platforms to feed to security operations
Serve as a subject matter expert and provide expertise on topics related to cloud security
Enhance enterprise security posture to better protect against attacks and detect new threat vectors
Assess and analyze security risks, recommending and implementing measures to mitigate identified risks
Self-organize and prioritize activities independently.
Create and maintain documentation and perform status reporting.
What we're looking for:
Bachelor of Science degree in Computer Science, Information Assurance, or a related field with a minimum of 5 years hands-on experience in a security engineering role
Industry relevant professional certifications including but not limited to: CISSP, CCSP, GIAC Cloud Security Automation (GCSA), GIAC Cloud Penetration Tester, (GCPN), SANS GIAC Public Cloud Security (GPCS), CCSK, AWS Solutions Architect
Associate, AWS Solutions Architect
Professional, AWS Certified Security
Specialty
Experience in engineering cloud security guard rails in AWS/Azure
Expertise in securing container images at rest, build, and runtime
Experience with Cloud Security Posture Management (CSPM) tools (ex. AWS Config, Cloud One Conformity, Wiz.io, AWS Security Hub, Azure Security Center)
Experience with Key Management
Ability to communicate with different levels of leadership conveying risk and driving urgency for risk remediation
Ability to mentor and train team members to work effectively and securely in the cloud
Highly preferred to have:
Hands-on experience implementing security tools into CI/CD pipelines
Experience with web application security and penetration testing
Experience with Identity and Access Management (IAM) and Privileged Access Management (PAM) solutions
Experience with various virtualization and cloud technologies including on-prem virtualization, SaaS, PaaS, & IaaS
Experience with both Windows & Linux based operating systems
Knowledge of risk management and NIST Cybersecurity Framework controls
Working knowledge with automation and monitoring platforms
Experience operating security training and awareness programs
What's in it for you:
Competitive compensation, benefits and generous time-off policies
4-Day summer work weeks and a winter holiday break
401(k) / DCPP matching
Annual bonus program
Casual, dog-friendly, and innovative office spaces
Don't just take our word for it:
10X Virginia Business Best Places to Work
9X Washingtonian Great Places to Work
9X Washington Post Top Workplace
St. Louis Post-Dispatch Best Places to Work
Carfax, Inc.