Cloud9 is looking for a talented hands-on security and systems professional to help architect and manage the secure operation of the company’s cloud based technical infrastructure. This role includes responsibility for technical security implementation, administration of network security systems, creating and maintaining accurate technical documentation and a lead role communicating our technical solutions with internal compliance and external security auditors. If you have passion for cutting edge cloud services, deep interest in cybersecurity architecture and information security technologies, have the ability to convert complex requirements into efficient designs, and enjoy working in a fast-paced environment with talented engineers then Cloud9 is for you.

WHAT YOU WILL DO

In this position, you will be the primary owner of Cloud9 technical security administration and reporting responsibilities ranging from planning, implementation and administration of network security technology for our corporate, development and production infrastructure on the Amazon AWS cloud. You will be required to implement and upgrade cloud compute instances, databases, and network infrastructure using security best practices. The successful candidate will have a lead role in security technology selection, deployment and ongoing management for mission critical production services. As lead for security implementation and management, you will be the technical liaison for SOC and ISO recertification with external security auditors. This role requires excellent written and oral communication skills as you will be interfacing with Cloud9’s customers, management and internal functional teams at all levels.

Responsibilities

• Lead projects through design, pilot and deployment for new security solutions across a large-scale production cloud environment.
• Implement, configure, and upgrade cloud computer systems, servers, firewall, intrusion-detection and network infrastructure using security best practices and incorporating solutions to meet or exceed SOC2, ISO 27001, and other regulatory requirements.
• Research security trends and emerging technologies, identify our business and technical requirements, perform technical evaluation and support deployment of multi-regional security solutions.
• Review implementation of security controls and evaluate effectiveness, make recommendations for improvements
• Act as a subject matter expert on security practices and controls to support secure solution design.
• Clearly understand contract terms and conditions related to customer security requirements and contribute to contract execution support related to security.
• Maintain weekly compliance meetings/calls to discuss and review current incidents and investigations.
• Develop a strategy for dealing with increasing number of audits, compliance checks and external assessment processes for internal/external auditors, i.e. ISO 27001
• Coordinate and track all information technology and security related audits including scope of audits, business units/product/services involved, timelines, auditing bodies and outcomes.
• Execute monthly Information Security Audits to ensure compliance with Information Security Policies
• Work with auditors as appropriate to keep audit focus in scope, maintain excellent relationships with audit entities and provide a consistent perspective that continually puts the institution in its best light. Provide guidance, evaluation and advocacy on audit responses
• Keep abreast of security incidents and act as primary control point during information security incidents

THE RIGHT BACKGROUND

Required Skills and Experience

• 5+ years Linux & Windows systems administration skills including shell scripting, database programming, network administration and managing server infrastructures
• Knowledgeable in PCI, HIPAA, SOC, or ISO 27001 security compliance standards, certification, reporting and maintaining process
• Well versed in internet architectures, including web, application, and database components such as Apache, IIS, memcache, MySQL, SQL Server, etc.
• Proficiency scripting in one or more programming Languages: Python, Perl, Shell Scripting, Bash
• Experience with puppet or chef, CI/CD processes and secure SDLC preferred
• 2+ years’ experience with Amazon Web Services (AWS) or GCP platform capabilities and architectural best practices.as well as experience implementing security mechanisms and controls in a cloud environment.
• Solid understanding of TCP/IP network protocols and experienced with firewalls, NAT, packet analysis and tools like Wireshark
• Experience with application load balancing solutions for scaling and HA
• Familiarity with security forensics and analysis of security threats and events and able to perform vulnerability scans, analyze results and assist with remediation.
• Experience with two or more of the following analytics tools: Splunk Enterprise Security, Logrythm, Checkpoint firewall, Fortinet firewall, Cisco ASA with AnyConnect , McAfee Web Gateway, Bluecoat, Threatstack or another commercial SIEM product.
• Experience in an Agile/Scrum development environment.
• Strong oral and written communication skills with ability to understand technology sufficiently to clearly communicate the complexity in simple terms for key stakeholders

Desired Skills

• Knowledge of and experience with KSM or secure key management solutions.
• Maintains, or is able to obtain within 6 months, relevant information security certifications, such as CISA, CISM, CISSP
• Experience with VoIP systems.
• Familiar with building and delivering executive level presentations and comfortable presenting to peers on solutions and recommendations.

Education

• Bachelor’s Degree in Computer Science or Electrical Engineering is required.
• Master’s Degree in Computer Science or Electrical Engineering is preferred.

Cloud9 Technologies LLC values diversity of culture and thought and seeks talented, qualified employees in all its locations around the world regardless of race, gender, national origin, religion, sexual orientation, disability, age or any other protected classification under country or national law.