Information Security Engineer

W2 Only

Job Title: Sr. Information Security Engineer

Job Location: AZ NC TX Hybrid

Work Authorization: USC/GC/GCEAD/H4EAD

Mode of Interview: Phone/Skype

Job Duration: Long Term W2

Job Description:

Responsibilities: Seeking an experienced Senior Info. Security Engineer to join our Cloud Security Delivery Team to support engineering tasks and policy development specific to Palo Alto Networks Prisma Cloud Enterprise. Become part of an exciting fast paced Team that helps to ensure secure Cloud enablement as part of delivering Clients Digital Infrastructure Strategy Program. Position responsibilities are surrounding Cloud Security Posture Management including:

Tools and Skills Required :

• 5 years of information security experience
• 1 year of deep Prisma Cloud Enterprise experience or experience with a similar Cloud Security Posture Management tool
• Proven experience creating Prisma Cloud Enterprise custom policies via RQL or experience with policy development for a similar Cloud Security Posture Management tool
• Extensive cloud Security knowledge of services workloads and hardening practices
• Experience with Agile Scrum or Kanban methodologies
• Knowledge/experience with scripting/automation languages such as Terraform Python and/or PowerShell
• Knowledge and understanding of CIS and NIST Cybersecurity frameworks
• Strong verbal and written communication skills
• Proven ability to work independently as well as having strong interpersonal skills to work effectively within a Team and with partner Teams
• 2 years of Kubernetes experience
• Experience in implementing security solutions in Google Cloud Platform
• Experience with creation of Build policy subtype in Prisma Cloud Enterprise using YAML
• Knowledge and understanding of DevSecOps and deployment automation to cloud environments
• Familiarity with of various cloud security and related risk frameworks (COBIT Cloud Security Alliance (CSA) FedRAMP etc.)
• Experience enabling autoremediation via Prisma Cloud
• Experience with IAM & Data protection expertise for monitoring and responding to related incidents
• Expertise and experience with API driven automation of policy creation
• Expertise and experience with Infrastructure as Code (IaC) and/or Policy as Code (Client) concepts/tools
• Experience with change and incident management practices in medium to large enterprise environments
• Knowledge and understanding of Splunk and/or Google Chronicle
• Security certifications such as Certified Information Systems Security Professional (CISSP) Global Information Assurance Certification (GIAC) or equivalent
• Client Azure and/or Google Cloud Certifications