Cloud Security Engineer

This is a Non-Employee Contingent Worker Role providing services for TIAAs family of companies and will be employed by TIAAs preferred 3rd Party Supplier. As a Non-Employee CW perform a variety of moderately complex business planning support and project-related an exceptional standard of quality and holds themselves accountable to achieving excellent results.

This role will sit onsite likely in a hybrid capacity at the location(s) listed in this posting.

• Formulates system scope through research and fact-finding to develop or modify moderately complex information systems.
• Evaluates and implements changes to existing system logic difficulties and documentation as necessary.
• Reviews flow charts models and procedures and feasibility studies to design possible system solutions.
• Maintaining relationships with stakeholders addresses stakeholder requirements and providing clients consultations to shape the future success of EA.
• Reviews technical documentation to guide system users and to assist with the ongoing operation maintenance and development of the system.
• Providing EA support by directing teams in baseline target and roadmap development transition planning system and security management and segment architecture.
• Collaborates with system analysts engineers and programmers to design systems and to determine project limitations and capabilities performance requirements systems performance standards and interfaces.
• Identifies and documents all system constraints implications and consequences of various proposed system changes.
• Educates end users on system designs and functionalities through creation of training materials and conducting demos.
• Evaluates the efficiency and effectiveness of application operations and troubleshooting problems.

• Bachelors Degree Required

• 3 Years Required; 5 Years Preferred

• Physical Requirements: Sedentary Work

Role: Cloud Security Engineer (Multi-Cloud)

• Implement cloud security strategy standards procedures best practices and DevSecOps.
• Implement processes and technical controls supporting cloud security standards including integration of cloud services and workloads into corporate cybersecurity services.
• Collaborate with operations and engineering teams to implement and tune cloud-native security monitoring tooling and reporting
• Implement CSPM tools such as across multiple cloud platforms
• Define cloud security policies standards and best practices in a multi-cloud environment
• Promote awareness of corporate cybersecurity policy standards and guidelines
• Design cloud-based network traffic flows to drive anomaly detection capability
• Mentor engineering and operations staff on unique cloud-based security controls
• Develop tools to improve cloud specific anomaly detection requirements
• Foster a culture of security by partnering with solutions architects & other business teams to balance key performance and security
• Perform regular reviews of cloud infrastructure for security and cloud best practices.
• Develop threat models to identify risks and prioritize improvements to our architecture.
• Drive the adoption of Authentication and Authorization reference architectures for managing cloud infrastructure.
• Educate peers on applying the latest cloud native technologies when developing new services systems and applications.
• Contribute to a secure/compliant cloud-native service catalog repositories
• Maintain Compliance across our Production Development and Corporate systems hosted in the public clouds
• Collaborate with engineering and operations teams toward implementing controls and processes that address identified gaps

Preferred qualifications & experience:

• Compliance Automation
• Strong experience in vulnerability management & risk assessment
• Strong experience in implementing CIS NIST & other benchmarks
• Encryption theory & key management (PKI)
• Multi-Cloud security experience working in the Financial industry
• Proficient in analyzing architecture patterns diagrams Network & application architecture
• Ability to identify threat surfaces & identify pro-active & reactive security controls to minimize the overall residual risk.
• Cloud certifications in Azure AWS & GCP is preferred.

Anticipated Posting End Date:

Actual base salary may vary based upon but not limited to relevant experience time in role base salary of internal peers prior performance business sector and geographic location.

Equal Opportunity

We are an Equal Opportunity Employer. TIAA does not discriminate against any candidate or employee on the basis of age race color national origin sex religion veteran status disability sexual orientation gender identity or any other legally protected status.

Our full EEO & Non-Discrimination statement is on our careers home page and you can read more about your rights and view government notices here.

Accessibility Support

TIAA offers support for those who need assistance with our online application process to provide an equal employment opportunity to all job seekers including individuals with disabilities.

If you are a U.S. applicant and desire a reasonable accommodation to complete a job application please use one of the below options to contact our accessibility support team:

Phone:

Email:

Drug and Smoking Policy

TIAA maintains a drug-free and smoke/free workplace.

Privacy Notices

For Applicants of TIAA Nuveen and Affiliates residing in US (other than California) click here.

For Applicants of TIAA Nuveen and Affiliates residing in California please click here.

ForApplicants of TIAA Global Capabilities click here.

For Applicants of Nuveen residing in Europe and APAC please click here.