AWS Cloud Security Engineer

Global Partners LP is seeking a hands-on Cloud Security Engineer to join our Cyber Security Team and play a key role in Global’s security and risk management operations in the AWS public Cloud.The Cloud Security Engineer’s main objective will be to secure and protect our AWS Cloud instances, workloads and applications from malicious threat actors, external threats, internal threats and malware. The Cloud Security Engineer will work with various IT, cyber security and designated business teams to secure our Cloud infrastructure and applications in accordance with industry best practices and the ever-evolving threat landscape.The Cloud Security Engineer will also advise the Cyber Security Team and CISO on emerging vulnerabilities, threats and newly introduced risks to Global’s AWS Cloud infrastructure. The Cloud Security Engineer will take a proactive approach in continually assessing the security of those systems/applications throughout their lifecycle, providing recommendations for enhancing security and adapting to new threats and vulnerabilities.The Types of “Energy” You BringExcellent written and verbal communication skills.You are self-motivated and like to take initiative.You are a team player with a positive attitude.You have great attention to detail and are highly organized.“Gauges” of ResponsibilityDesign, deploy, administer and maintain various security controls to safeguard our AWS cloud infrastructure, from both external and internal threats.Responsible for monitoring, discovering, investigating, and mitigating any related AWS cloud incidents and breaches in collaboration with both the cyber security team and our managed security services provider.Keeping our AWS Cloud infrastructure well protected, making recommendations, and continually improving on our Cloud security technologies, both AWS native and/or 3rd party provided.Ensure and monitor that configurations and security controls meet best practices thru the use of a native or 3rd party cloud security posture management (CSPM) tool.Define operational playbooks for various threat scenarios and provide periodic testing of those playbooks.Conduct routine security assessments, vulnerability scans, and coordinate penetration tests to identify and address potential security weaknesses.Engage in digital forensics to investigate breaches or security incidents in the AWS Cloud.Available 24/7 to participate in cyber incident response activities, as necessary.Collaborate with IT Disaster Recovery Team and play a pivotal role in helping to develop, test, and refine our Cloud disaster recovery and resiliency plans tailored for AWS.Develop and execute AWS security automations wherever possible.In coordination with the cyber security team, assist in conducting regular vulnerability scans of our AWS Cloud environment. Using the vulnerability assessment results to drive remediation activities.Ensure compliance with current security controls standards (CIS Critical Controls), along with our data privacy and security standards.Collaborate with cross-functional teams to integrate security best practices into the software development lifecycle (SDLC) and continuous integration/continuous deployment (CI/CD) pipelines.Coordinate periodic pen testing exercises with Global’s Red Team and also coordinate any mitigation activities, based upon findings.Staying abreast with security standards and emerging vulnerabilities/threats to proactively mitigate threats.Familiarity with Health Information Portability and Accountability Act (HIPAA), Payment Card Industry (PCI), Sarbanes-Oxley Act (SOX), etc. – and various state privacy laws.Maintain accurate and current documentation of the cloud network security environment.Some travel may be necessary, but will be minimal.Performing other cyber security team duties and responsibilities as assigned.QUALIFICATIONSHands-on experience with the various AWS native security services/tools, such as Firewall, Security Groups, Guard Duty, KMS, Security Hub, Route53, IAM Access Analyzer, IAM, Detective, Encryption, etc.Bachelor's degree in Information Security, Computer Information Systems, Computer Science, or other relevant work experience required.3+ years’ experience implementing, administrating, operating and supporting AWS Cloud-based cyber security controls.5+ years of overall cyber security related work experience.Strong understanding of AWS security services and cloud architecture.Deep knowledge of AWS security tools and capabilities.Experience in data protection, data security and data privacy management.Familiarity with a broad range of cyber security tools (e.g. - Velociraptor, Checkpoint Firewalls, Qradar, Crowdstrike, Rapid7, MS Defender, InsightVM, etc.).Experience with Cloud Security Compliance Frameworks and models, such as CIS, ISO, NIST, CSA, CCM and/or OWASP.Cloud Security Posture management (CSPM) tools.Experience with securing, administering, and maintaining a fully operational AWS Cloud environment.Experience with ZTNA tools and/or implementations a plus.Education/CertificationsBachelor of Science degree in Computer Science, Engineering, or related field.CISSP, CISA, CISM, CCSP or other relevant security related designation(s) required.AWS Security Certification preferred.Global Partners LP is an equal opportunity employer. We foster a company culture where ideas from all people help us grow, move and thrive. We embrace the diversity of all applicants and do not discriminate against race, color, religion, sex, age, national origin, sexual orientation, gender identity, disability, protected veteran status or any other basis prohibited by federal, state or local law. If you have a disability and need an accommodation to apply, please contact our recruiting department at 781-891-4000.

#J-18808-Ljbffr