Cloud Security Engineer

The Cloud Security Engineer helps architect deploy and operate a secure cloud application infrastructure that aligns with business needs. The position is responsible for supporting operational innovation and providing security direction to the business to elevate QTS security posture within a cloud computing infrastructure. An advanced role the cloud security engineer helps deliver applications at scale and with resiliency to support QTS business initiatives. The Cloud Security Engineer is also expected to possess advanced administrative and troubleshooting skills and be knowledgeable about architecture engineering and design principles. The Cloud Security Engineer should be adept at dealing with disparate applications and data systems to maintain the level of rigor required to adhere to business direction. Along with depth of system coverage the role requires planning and design of policies and maintenance.

In tandem with QTS security leadership the Cloud Security Engineer assesses the threat landscape and adapts quickly to protect the QTS from risk. They must be highly technical and possesses at least 5-7 years experience in security and systems administration across a wide variety of cloud infrastructure including software as a service (SaaS) infrastructure as a service (IaaS) and/or platform as a service (PaaS). They are also expected to have a strong work ethic leverage analytical and critical thinking and be skillful at meeting change requests in a dynamic environment. Because the role requires interaction across other business units strong listening and communication skills are required

RESPONSIBILITIES other duties may be assigned

Develop and maintain secure resilient enterprise-grade cloud processes in tandem with architects and system engineers.
Secure QTS business applications and computing environments across public private or hybrid cloud infrastructures.
Protect QTS business applications in compliance with privacy security business resiliency and compliance frameworks as defined in QTS corporate policies.
Maintain a consistent secure environment using configuration management solutions (e.g. Puppet Chef Ansible etc.). Conduct rigorous oversight of security systems and security configuration administration to reduce risk to QTS enterprise systems and accounts.
Deploy strong identity and access management (IDAM) controls across applications and computing environments.
Assist with development maintenance and utilization of scripts (e.g. PowerShell Python Ruby etc.) to support custom extract transform load (ETL) tools with a security focus for data flow.
Attend regular technical project and implementation meetings and serve as the security consultant to help guide secure application and infrastructure configurations.
Actively monitor assess and recommend tactical and strategic initiatives based on new and emerging threats posing risk to QTS cloud computing environments.
Manage remediation efforts after security assessment findings of weaknesses requiring attention in QTS managed cloud environments.
Document formulate and enforce areas of security improvement that balance risk with business operations and do not diminish efficiencies or innovation.
Assist in maintaining strong oversight with QTS cloud computing vendors and solution providers to safeguard against undue risk presented by external entities. Escalate to security management and business unit leads when points of weakness are discovered.
Stay apprised of current and proposed security changes impacting regulatory privacy and security industry best practice guidance. Apply learned knowledge across key lines of business including products practices and procedures.
Act as a key figure in incident response for QTS cloud environments to track occurrence and resolution with strict documentation and reporting as well as engagement with security operations and incident response teams.
Perform other duties as assigned.

BASIC QUALIFICATIONS

Bachelors degree in computer science information assurance MIS or related field or equivalent industry experience
At least 5-7 years experience in cybersecurity as a practitioner and with at least 2-3 years exposure with SaaS platforms (Box Salesforce ServiceNow M365 etc) Amazon Web Services (AWS) Microsoft Azure or VMware.
Strong Linux and Windows support skills.
Experienced in cloud networking architecture and cloud operations with cloud access security broker (CASB) experience preferred.
Familiarity with tools such as Git Jenkins Chef Puppet and Salt.
Network and encryption experience including virtual private networks (VPNs) IPsec SSL/TLS LDAP and public key infrastructure (PKI).
IDAM experience such as OAuth OpenID Azure Active Directory.
Experience with scripting languages such as Python Ruby PowerShell or JavaScript.
Experienced in the use of threat intelligence services in a production environment.
Experience and understanding of various regulatory requirements and laws including but not limited to: Payment Card Industry (PCI) Sarbanes-Oxley Act (SOX) Health Insurance Portability and Accountability Act (HIPAA) General Data Protection Regulation (GDPR) and Gramm-Leach-Bliley Act (GLBA). Additionally experience in one or more of the following: ISO 27001/2 ITIL or NIST.
Up-to-date understanding of a wide-range of incident response system configuration vulnerability management and hardening guidelines.
Track record of acting with integrity taking pride in work seeking to excel being curious and adaptable and communicating effectively.
Team leadership experience to help with the organizational and team dynamics in a growing field
Demonstrated problem-solving abilities to manage complex local and international security requirements.
Self-motivated and -directed well-organized and able to position controls in anticipation of threats.
Successful track record collaborating with technical and non-technical teams to promote ideas to support business enablement.
Familiarity with international and state privacy laws.
Experience writing technical documentation.
Highly trustworthy; leads by example

US Citizenship for this position is required by law due to federal customer contracts

PREFERRED QUALIFICATIONS

Holds or working toward one or more including: CCSP CISSP AWS Certified Cloud Practitioner or additional AWS advanced certifications such as AWS Certified DevOps Engineer VMware Certified Professional Microsoft Azure Security Engineer Certification Microsoft Identity and Access Administrator

KNOWLEDGE SKILLS AND ABILITIES

Experience working collaboratively in a team environment
Excellent interpersonal skills with the ability to interface with all levels of the organization

TOTAL REWARDS

This role is also eligible for a competitive benets package that includes: medical dental vision life and disability insurance; 401(k) retirement plan; exible spending and HSA accounts; paid holidays; paid time off; paid volunteer days; employee assistance program; tuition assistance; parental leave; military leave assistance; QTS scholarship for dependents; wellness program and other company benets.

This position is Bonus eligible.

We conform to all the laws statutes and regulations concerning equal employment opportunities and affirmative action. We strongly encourage women minorities individuals with disabilities and veterans to apply to all of our job openings. We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race color religion gender sexual orientation gender identity or national origin age disability status Genetic Information & Testing Family & Medical Leave protected veteran status or any other characteristic protected by law. We prohibit retaliation against individuals who bring forth any complaint orally or in writing to the employer or the government or against any individuals who assist or participate in the investigation of any complaint or discrimination claim.

The Know Your Rights Poster is included here:

Know Your Rights (English)

Know Your Rights (Spanish)

The pay transparency policy is available here:

Pay Transparency Nondiscrimination Poster-Formatted

QTS is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process please send an e-mail to and let us know the nature of your request and your contact information.