Person, Furniture, Chair

Senior Cloud Security Engineer , Columbia

Senior Cloud Security Engineer

Columbia Gateway Drive | Columbia | Maryland | United States | 21046

Your Role:

Tenable is looking for a Sr. Cloud Security Engineer to join our Information Security team and help keep Tenable’s cloud services and platforms secure.

The Sr. Cloud Security Engineer at Tenable is a hands-on role that requires a high degree of technical security expertise within the cloud and automation ecosystem (IaaS - primarily AWS, PaaS and SaaS).  You will be responsible for security related tasks, including the implementation of security automation and incorporating security in from the start or “shifting left.” Your responsibilities will also include performing assessments of security architecture, making practical recommendations to reduce risks, and then help realize the change, as well as the prevention and remediation of security vulnerabilities within cloud platforms using existing or new solutions. Your daily tasks will have you interacting closely with personnel from other functions in Information Security, Site Reliability Engineering, R&D, and Product Management.

In addition to day-to-day cloud security tasks, you will be responsible for security program maturity efforts, strategic thinking, and initiatives related to cloud.  You will work with the Product and Information Security teams to help establish and maintain cloud security processes and ensure that security issues are identified and addressed. 

Your Opportunity:

  • Assess, design, implement, automate, and document security solutions and processes for Amazon Web Service (AWS), MS Azure, GCP, SaaS applications and other cloud platforms
  • Work with end users on secure best practices in Infrastructure as Code, cloud design patterns and CI/CD with built in application security controls
  • Work with key areas of business and IT to develop baseline cloud, container, and application security standards and integrate into the CI/CD pipeline
  • Design security architecture, methods, and controls required to meet security, compliance, and audit requirements
  • Proactively stay current with developments in relevant technologies
  • Create and share unique ways to solve challenges with others
  • Implement “security as code” using cloud services and CI/CD components as necessary
  • Customize cloud compliance tools to meet operational, audit and risk based needs
  • Develop procedures to automate security tasks during code builds and deployments
  • Develop program quality metrics as both program performance indicators and enterprise risk indicators
  • Respond to and, when appropriate, resolve or escalate security incidents
  • Report unresolved security exposures, misuse of resources, and noncompliance situations using defined escalation processes
  • Assist, mentor and train team members in the use of cloud security tools and the resolution of security issues
  • Develop and maintain documentation for security systems and procedures
  • Monitor system security events, SIEM tools, and network traffic for unusual or suspicious activity
  • Investigate and resolve security violations by providing postmortem analysis to illuminate the issue, and identify causes, possible solutions, and preventative measures

What You'll Need:

  • Minimum 4 years of experience as a Security Engineer or equivalent working experience
  • Significant technical experience in Cloud Computing technologies and automation (HashiCorp, Terraform, Ansible, Cloudformation, etc.)
  • Significant technical experience in at least 3 of the following:  (Python, Bash, Ruby, AWS CLI, REST APIs)
  • Ability to break down complex problems and implement custom solutions or scripts beyond just basics to demonstrate thoroughness of problem solving and automated security
  • Experience in DevOps environments working with and influencing developers to maintain security through CI/CD processes.
  • Proficient and up to date with AWS security services and pros/cons to implementing each
  • Hands on experience with Amazon Web Services (AWS) including CloudFormation, CloudWatch, Lambda, IAM, KMS, VPC, ELB, EC2, CloudTrail, AWS Organizations
  • Experience working with container technologies including Docker and Kubernetes
  • Experience with CI/CD pipeline tools such as Static Code Analysis Tools & Build platforms. 
  • An understanding of encryption tools, best practices, and forensics.
  • Experience with the development, deployment, and automation of security solutions in an enterprise cloud based environment
  • Knowledge of network based, system level, and application layer attacks and mitigation methods
  • Experience extracting pertinent security data from SIEM solutions, AWS audit logs, and reports
  • Knowledge of technical security control environments and compliance frameworks including CSA CCM, ISO 27017
  • Experience with or understanding of a broad range of security technologies including, SAST, IDS/IPS, IAM, Certificate Management, etc.
  • Strong knowledge of technology and security topics including network and application security, infrastructure hardening, security baselines, web server, and database security
  • Ability to clearly and effectively communicate concerns, issues to other teams
  • Experience in developing, documenting, and maintaining security procedures
  • An understanding of identity federation, authentication and authorization (SAML, OIDC, OAuth)

And Ideally:

  • Bachelor's Degree or equivalent working experience
  • Hands-on experience in MS Azure, Google Compute Cloud and 3rd party related cloud compliance tools
  • Any recognized security and cloud-specific certifications, e.g., CCSP, SSCP, CISSP, AWS, Azure Certification, Google Cloud Certification
  • Knowledge of BC & DRP programs including risk assessment, BIA, remediation, and staging exercises
  • Working proficiency with work tracking systems such as JIRA and project management solutions
  • Exposure to FedRAMP, SSAE16 SOC 2, PCI DSS

If you’ve reached this point in the job description and feel you’re still not sure if you should apply…Just do it! We know there are no perfect applicants. You may not have 100% of all those bullets listed above - and that’s okay. If you’re feeling like you’re not going to fit in with our teams - that’s not okay. We're One Tenable which means however you identify and whatever background you bring with you, we encourage you to submit an application if it’s a role you can be passionate about doing every day.

We’re committed to promoting Equal Employment Opportunity (EEO) at Tenable - through all equal employment opportunity laws and regulations at the international, federal, state and local levels.

Email me about jobs like this

Not You?

Thank you for your interest please submit your application on the next page.

We have big plans for continued global growth, and we’re looking for people who are creative, flexible and dedicated to helping us build something great – something that matters.