Senior Cloud Security Engineer - Remote - Tailored Brands : Job Details

Tailored Brands, Inc.'s purpose is to help our customers love how they look. We accomplish this by providing a personal, convenient, one-of-a-kind shopping experience with compelling products and world-class service. We help fulfill this mission by providing our employees with an engaging and inclusive workplace focused on teamwork, growth and respect.

Remote Opportunity!

Key Responsibilities

• Provide SME support for new and existing Cloud initiatives security systems for network/ application / database; providing technical support as needed on-perm and cloud.
• Maintain enterprise information security policies, technical standards, guidelines, and procedures necessary to support information security in compliance with established company policies, regulatory requirements, and generally accepted information security controls.
• Work with engineering and operation teams to implement threat detection signals, deploy new tooling, and improve response capabilities.
• Develop and review policies related to network security infrastructure including and not limited to Routing, Switches, NAC and Firewalls.
• Assist the regulatory team during audits and proactively identify methods for automation of evidence collection.
• Write testable and readable code in shell and python and understand provisioning tools such as Terraform, Ansible and Cloud formation.
• Create requirement and design documents that account for security risks in new or existing systems with architectures to mitigate them within company risk appetite.
• Develop, automate runbooks for security operations and compliance control automation.
• Develop automation and utilize frameworks to scale both protection and mitigation tools.
• Collaborate with IT staff, architecture and business units to assess risk and address security issues.
• Provide expertise and guidance surrounding cyber related issues while recommending solutions that mitigate and eliminate risk.
• Ensure that controls are in place and managed properly to meet corporate, legal and regulatory compliance on all network and system infrastructures.
• Document security processes, standards, technical documents and SOPs addressing the setup, operations and support of technical infrastructure.
• Assist in the creation of a defense in depth security model across multiple cloud providers.
• Build, design, develop, deploy, and support security software/tools that deliver security functionality and improve security efficiency and capabilities through automation.
• Ensure enterprise security best practices are followed across AWS, and GCP cloud platforms.
• Define security requirements and reviews systems to determine if they comply with established standards and develops new standards as necessary.
• Validate and test security architecture and design solutions to produce detailed engineering specifications, recommend vendor technologies where applicable.

Skills, Abilities, Experience & Qualifications

• BS in Computer Science, Information Security, or minimum 7 to 10 years of experience in the IT industry and at least 5 years of experience in Information security engineering.
• Strong understanding of networking infrastructure.
• Relevant industry certifications such as AWS, GCP, CISSP and SANS/GIAC.
• Strong knowledge of regulatory standards or control frameworks that govern Information Security practices such as NIST, ISO, SOX, PCI, and state and federal privacy laws.
• Excellent understanding/working knowledge of the public cloud infrastructure and services in GCP and AWS (IAM, VPC, KMS, CloudWatch, Cloud operations, S3, Cloud Storage, etc.).
• Experience building and securing infrastructure as code using CloudFormation, Terraform, Ansible, SAM and/or similar tools.
• Working experience in creating DevSecOps pipelines using Jenkins.
• Fluency with one or more scripting/coding languages (e.g. bash, Python);
• Knowledge of enhancing security on AWS and GCP preferred.

Work Environment, Physical & Mental Demands

• Ability to sit and work at a computer keyboard for extended periods of time.
• Ability to stoop, kneel, bend at the waist, and reach on a daily basis.
• Able to lift and move up to 25 pounds occasionally.
• Must utilize visual acuity, speech and hearing, hand and eye coordination and manual dexterity necessary to operate a computer and office equipment.
• Hours regularly exceed 40 hours per week.