Senior Cloud Threat And Vulnerability Management Engineer - Remote / Virtual

Humana Inc. Tampa , FL 33602

Posted 2 months ago

Description

Do you have experience in IT Security and one or more of the major Cloud providers? If so, you might be a good fit for a position on the Cloud Assurance team at Humana.The Senior Threat and Vulnerability Management Engineer ensures that threats and vulnerabilities to the organization's business systems and applications (both in-house and cloud-based) are minimized. The Senior Threat and Vulnerability Management Engineer work assignments involve moderately complex to complex issues where the analysis of situations or data requires an in-depth evaluation of variable factors.

Responsibilities

The Senior Threat and Vulnerability Management Engineer manages encryption protocols to protect the organization's data as well as management of authentication and access controls. Monitors overall compliance with security standards and conducts periodic security audits using techniques such as ethical hacking and penetration testing using cloud monitoring tools. Begins to influence department's strategy. Makes decisions on moderately complex to complex issues regarding technical approach for project components, and work is performed without direction. Exercises considerable latitude in determining objectives and approaches to assignments. Additional responsibilities include:

  • Reviewing and researching findings in Azure Security Center, Google Security Command Center and any of a number of 3rd party tools

  • Work with internal and external teams to identify opportunities to proactively prevent vulnerabilities through use of technical controls

  • Review, test and configure Cloud Assurance related tools

  • Drive remediation through transparent tracking and reporting (automated as much as possible)

  • Partner with business and technology teams to define and drive security best practices in our cloud environments

  • Come along side internal Assurance and Compliance teams to fully understand compliance requirements and their impact to our cloud deployments

  • Design and document processes and procedures as necessary

  • Champion process and user experience improvements in Cloud Assurance team

Required Qualifications

  • Bachelor's Degree

  • 5 years experience in Threat and Vulnerability Management

  • Highly experienced with vulnerability scanning systems.

  • Must be passionate about contributing to an organization focused on continuously improving consumer experiences

  • Azure, GCP, or AWS experience

Preferred Qualifications

  • Master's Degree in a Technical Field

  • Security or Cloud Certification

Additional Information

#LI-Remote

#Clo

Scheduled Weekly Hours

40

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Senior Cloud Threat Detections Engineer Remote Opportunity

Usaa

Posted 3 weeks ago

VIEW JOBS 10/4/2021 12:00:00 AM 2022-01-02T00:00 Purpose of Job We are currently seeking a talented Senior Cloud Threat Detections Engineer that will investigate, analyze, and respond to security anomalies and events (e.g. suspicious behavior, attacks, and security breaches) within USAA's environments using a variety of cyber defense tools to detect and respond to threats. Conducts vulnerability, security configuration, and/or penetration testing assessments of systems and networks. Identifies cyber threats, analyzes operational impacts, and communicates to appropriate stakeholders. Stays current with latest information security threats, exploits, trends, and intelligence. This role can work in a 100% Remote Work Environment or at one of our many locations across the US such as: San Antonio, Plano, Phoenix, Colorado, and Tampa. The USAA Cyber Threat Operations Center is USAA's equivalent to a Security Operations Center (SOC). The CTOC exists to detect, analyze, and respond to cyber security events. It is comprised of several teams, all reporting to the AVP of Information Security Engineering & Cybersecurity. These teams are individual units that partner as needed to provide centralized and coordinated incident response activities. The Cyber Capabilities Team (CCT) identifies, develops, and deploys custom threat detection and data analytics solutions to monitor USAA systems, users, and network, conducts Red Team operations, and manages custom CTOC infrastructure. Job Requirements About USAA USAA knows what it means to serve. We facilitate the financial security of millions of U.S. military members and their families. This singular mission requires a dedication to innovative thinking at every level. USAA Careers - World Class Benefits (31 seconds) ABOUT USAA IT Our most important qualification isn't technical, it's human. Here, we don't just sit in front of a screen. We stand behind our 12 million members who rely on us every day. We are over 5,000 employees strong, a passionately supportive and collaborative team built on agile principles. We've been a top-two Computerworld 100 Best Places to Work in IT five years in a row and were recently named a Top 50 Employer for Minority Engineers & IT by Workforce Diversity Magazine. See what it's like to work for a company where your passion meets our purpose: USAA Information Technology: A Realistic Preview PRIMARY RESPONSIBILITIES: * Identifies and manages existing and emerging risks that stem from business activities and the job role. * Ensures risks associated with business activities are effectively identified, measured, monitored, and controlled. * Follows written risk and compliance policies and procedures for business activities. * Leads peers and team members in the execution of the Information Security domain activities while anticipating efforts that will impact their team. * Researches and analyzes the latest information security vulnerabilities, threats, exploits, trends and intelligence. Shares intelligence with peer teams. * Conducts advanced vulnerability management, security configuration assessments, and/or penetration testing operations and manages the resulting findings. * Develops analysts through training and knowledge sharing activities. * Monitors internal and external networks, systems, and applications for advanced security anomalies and events (e.g. suspicious behavior, attacks, and security breaches). Trains analysts in incident detection and response. * Responds to cyber incidents, performing detailed analysis using complex security tools to determine root cause and impact by using a broad range of demonstrated experience (e.g. forensics, networking, servers, coding, etc.) to determine a malicious actor's tactics, techniques, and procedures. Trains new analysts in incident detection and response. * Utilizes discoveries from the incident response process to make significant and/or complex improvements to the existing detection capabilities, operational processes and security controls. * Prepares and delivers written and/or verbal briefs with recommendations to senior leadership on latest threats, alerts, incidents, and improvements. * Provides insight on issues and serves as a mentor and coach to peers and team members for assigned area of responsibility. MINIMUM REQUIREMENTS: * Bachelor's Degree, OR, 4 additional years of related experience beyond the minimum required may be substituted in lieu of a degree. * 6 years of related experience in Information Security, Cybersecurity and/or Information Technology with a security focus to include accountability for complex tasks and/or projects. * 4 years of related experience in Incident Response, Information Assurance, Forensics and/or Cyber Intelligence. * Advanced level of business acumen in the areas of business operations, risk management, industry practices and emerging trends. * Knowledge of attacker tools/tactics/procedures and applying them to access management, governance, threat hunting, investigations, and incident response. * Knowledge of defense-in-depth principles and security architecture. When you apply for this position, you will be required to answer some initial questions. This will take approximately 5 minutes. Once you begin the questions you will not be able to finish them at a later time and you will not be able to change your responses. PREFERRED EXPERIENCE: * Familiar with AWS cloud native technologies and adoption/migration patterns * Experience developing and maintaining documentation for cloud security systems, procedures, baselines, and best practices * Familiar with cloud security models and DevOps technologies for automation (such as Ansible, Salt, Puppet, Chef, etc.) and code version control * Experience with containers and container orchestration platforms like Kubernetes * Experience working with platform engineers on security best practices in Infrastructure as Code, cloud design patterns, and CI/CD with built in application security controls * Experience implementing security architecture, methods, and controls required to meet security, compliance, and audit requirements * Familiarity with Enterprise logging technologies such as ELK stack * Experience with Endpoint Detection and Response agents or concepts * Experience with Windows and Linux operating systems including command line usage * Experience with Python, PowerShell or Golang * Experience with manipulating/parsing structured data such as JSON/XML and unstructured data * Familiar with integrating rest APIs * Knowledge of Behavioral-Based signature/IOC development and tools (YARA, STIX, EQL) The above description reflects the details considered necessary to describe the principal functions of the job and should not be construed as a detailed description of all the work requirements that may be performed in the job. Compensation: USAA has an effective process for assessing market data and establishing ranges to ensure we remain competitive. You are paid within the salary range based on your experience and market position. The salary range for this position is: $106,800 - $192,300* (this does not include geographic differential it may be applied based on your work location) Employees may be eligible for pay incentives based on overall corporate and individual performance or at the discretion of the USAA Board of Directors. * Geographical Differential: Geographic pay differential is additional pay provided to eligible employees working in locations where market pay levels are above the national average. Shift premium: will be addressed on an individual-basis for applicable roles that are consistently scheduled for non-core hours. Benefits: At USAA our employees enjoy best-in-class benefits to support their physical, financial, and emotional wellness. These benefits include comprehensive medical, dental and vision plans, 401(k), pension, life insurance, parental benefits, adoption assistance, paid time off program with paid holidays plus 16 paid volunteer hours, and various wellness programs. Additionally, our career path planning and continuing education assists employees with their professional goals. Please click on the link below for more details. USAA Total Rewards Relocation assistance is Not Available for this position. Usaa Tampa FL

Senior Cloud Threat And Vulnerability Management Engineer - Remote / Virtual

Humana Inc.