Kansas Works Jobs

Kansas Works Logo

Job Information

CTG Cloud Security Operations Specialist in Kansas City, Kansas

Cloud Security Operations Specialist

United States

Information Technology

Sep 21, 2022Post Date

22202302Requisition #

Apply for JobShare this JobSign Up for Job Alerts

CTG is seeking to fill aCloud Security Operations Specialistopeningfor our client.

Location: Remote

Duration: 12+ months

Cloud Security Operations Specialist

Our client is the leading destination for short-form mobile video. Their mission is to inspire creativity and bring joy. This company has global offices, including Los Angeles, New York, London, Paris, Berlin, Dubai, Mumbai, Singapore, Jakarta, Seoul, and Tokyo. The Global Security Organization provides industry leading security and privacy services to ByteDance globally. Their organization uses four principles that guide our strategic and tactical operations. First, they champion trust and transparency, leading the charge in organizational transparency and execution of security and privacy capabilities that drive customer trust. Second, they are a business catalyst and enabler, embodying the DNA of technical innovation. Third, they drive risk informed and empowered decision making, giving their business leaders the information needed to make key decisions. Finally, they proactively identify and reduce risk while enabling innovative product development.

Description:

As a part of the Principal Security Operations Engineers team within the Business Operations team, you will be a part of the Security Operations team responsible for Enterprise Defense Operations and Platform Management, Hosting Platform Defense Operations, and Global Security Technology Operations. The Security Operations teams primary focus is management of security and defense platforms, technologies, tools, and services supporting security controls across the company’s environments. As the Cloud Security Operations specialist, you will be responsible for supporting the Cloud Security Operations lead along with cross-functional cyber, privacy, and data protection engineers, architects, and analysts to deploy, integrate, and manage, technologies to support the security and protection of data in accordance with relevant geographical regulations, contractual commitments, and confidentiality requirements. In your capacity as a key contributor, you are part of a team that manages the design, engineering, and deployment of tools and technologies to monitor our global cloud infrastructure footprint to validate data inventory, access and protection, and security of our vast infrastructure of data center, SaaS, and IaaS. This will include serviceability and continuing improvement of technology platforms, technologies, and services as well as collaboration with your team as they manage operational configuration updates to security tools and validate effectiveness. Further, you and your team will create a strategy for the control environment to enable and protect the company’s infrastructure, technologies, and services. This will entail understanding requirements, designing controls, and ultimately managing the on-going operation of those controls. The candidate must be skilled in assessing current state of various cloud environments against industry best practices, identifying functional and technical requirements for cloud security tooling, implementing cloud-native and third party security solutions in a multi-cloud environment, and conducting analysis on cloud related threats, incidents and other general security-related issues. The candidate must also have the ability to communicate well, participate in coordinating response and defensive actions over a variety of security disciplines, and disseminate security information as appropriate in support of the company’s critical business, go to market, and operational infrastructure needs.

Tasks and Responsibilities:

  • Support the development and execution of enterprise-wide Cloud security program

  • Define and manage security controls for a multi-cloud architecture

  • Configure, maintain, deploy, and write rules in Cloud security tools

  • Design and implement 3rd party and cloud-native tooling to meet defined requirements

  • Develop standard operating procedures and trainings for each technology

  • Architect and continuously improve security technology stack, process and procedures, support model and cross-function interactions utilizing automation where possible

  • Review and investigate alerts generated from Cloud security tools and escalate as appropriate

  • Review and assess utilization of Cloud security tooling

  • Promote and drive adoption of Cloud security tooling across the enterprise

  • Partner across the Security Operations team to respond to cybersecurity incidents

  • Develop and report Cloud security coverage metrics and remediation plans

  • Define procedures to validate the effectiveness of the design, deployment, and management of security controls that aim to maintain confidentiality, integrity, and availability of Cloud networks and technology platforms

Knowledge and Skills:

Minimum Qualifications:

  • 3-5 years of experience operating with at least one cloud provider, preferably GCP, AWS, or Oracle

  • At least one associate level cloud certification (AWS Solutions Architect, GCP Associate Cloud Engineer, etc.)

  • Strong understanding of:

  • Cloud security industry standards and best practices (CSA CCM, CIS benchmarks, etc.)

  • Linux, MacOS, and Windows internals

  • Operating and maintaining tools across Cloud security technology stack (CSPM, CWPP, SASE, CASB, CIEM, Cloud native features like GuardDuty, etc.)

  • Working proficiency with at least one scripting language (Python, JavaScript, Java, etc.)

  • Bachelors’ Degree or industry equivalent work experience in cybersecurity, international security architecture, and/or engineering in a converged security program

  • Demonstrated ability to quickly assimilate new information and remain current on new developments in cybersecurity capabilities and industry knowledge

  • Capable of creating technical documentation

  • Excellent analytical and problem-solving skills

  • Works well under pressure within time/budget constraints to solve problems, adjust quickly to shifting priorities, and make decisions with limited information

  • Demonstrated teamwork and collaboration skills

  • Highly motivated to contribute and grow within a complex area of emerging importance

  • Ability to communicate technical concepts to a broad range of technical and non-technical staff

Preferred Qualifications:

  • CISSP, SSCP, CAP, CCSP, CISM, CSX-P or applicable experience in the Information Security field

  • Experience designing/developing/implementing cloud security tools (CIEM, CSPM, CWPP, IaC scanning, SASE, CASB, etc.)

  • Professional level cloud certifications (AWS Solutions Architect - Professional, AWS Certified Security, Google Certified Professional Cloud Architect, etc.)

  • Ability to visualize and integrate cloud specific data and alerts with other security systems

  • Advanced hands-on experience using one or more programming/scripting languages (e.g., Python, Go, Java, etc.)

  • Experience in a multi-cloud or hybrid cloud environment

  • Working knowledge of SecDevOps and Shift Left concepts

  • Technical knowledge of Kubernetes and Docker technologies and associated security requirements (Kubernetes, Docker, etc.)

  • Familiarity with source code management and CI/CD tools (e.g., GitHub, Bitbucket, Jenkins, Artifactory, etc.)

  • Familiarity with securing data across SaaS and IaaS cloud platforms (e.g., AWS, Google Cloud Platform, Azure, Oracle Cloud)

  • Familiarity with securing data across multiple database technologies (e.g., MySQL, Redis, Hive)

  • In-depth experience in the following:

  • Metadata management

  • Asset management

  • Change management

  • Microservice architecture

  • Data leakage/content monitoring and filtering

  • Cloud access security broker

  • Configuration of web application firewalls

  • Be able to handle ambiguity and collaborate with a global team

  • Be comfortable communicating with business executives and technical teams

Excellent verbal and written English communication skills and the ability to interact professionally with a diverse group is required.

CTG does not accept unsolicited resumes from headhunters, recruitment agencies, or fee based recruitment services for this role.

To Apply:

To be considered, please apply directly to this requisition using the link provided.For additional information, please contactTana Stilloeat 888-284-6551 ext. 2104 or tana.stilloe@ctg.com. Kindly forward to any other interested parties—thank you!

CTG’s Benefits Plan allows you to select insurance coverage that best suits your lifestyle, and take part in our savings programs and educational plans. We offer Flexible Spending Accounts, a 401(k) Retirement Plan, and an Employee Stock Purchase plan. Our educational plan comprises access to more than 2,000 web-based technical, professional and business development courses.

CTG is a leading provider of digital transformation solutions and services that accelerate clients' project momentum and achievement of their desired IT and business outcomes. Our vision is to be an indispensable partner to our clients and the preferred career destination for digital and technology experts. CTG has operations in North America, South America, Western Europe, and India. For more information, visit www.ctg.com.

Our culture is a direct result of the people who work at CTG, the values we hold, and the actions we take. In other words, our people are the culture. It's a living, breathing thing that is renewed every day through the ways we engage with each other, our clients, and our communities. Part of our mission is to cultivate a workplace that attracts and develops the best people, reflected by our recognition as a Great Place to Work-certified company across many of our global operations.

CTG will consider for employment all qualified applicants including those with criminal histories in a manner consistent with the requirements of all applicable local, state, and federal laws.

CTG is an Equal Opportunity and Affirmative Action Employer. CTG will assure equal opportunity and consideration to all applicants and employees in recruitment, selection, placement, training, benefits, compensation, promotion, transfer, and release of individuals without regard to race, creed, religion, color, national origin, sex, sexual orientation, gender identity and gender expression, age, disability, marital or veteran status, citizenship status, or any other discriminatory factors as required by law. Our Affirmative Action program serves to promote occupational equality and diversity through good faith efforts. CTG is fully committed to promoting employment opportunities for members of protected classes.

Additional Information

  • Job Function: Information Security

  • Education Level: Bachelor's Degree (±16 years)

  • Work Remote: Yes

  • Travel: No

DirectEmployers