Cloud Security Engineer
Type: Full Time
Created: 2021-05-01 05:00:41
Or Email: [email protected]
Who we are
You know those big cities that still feel like small towns? Where everyone’s friendly and helps each other out? That’s like Grant Thornton. Except here we’re all professionals and there isn’t a mayor or a general store. What we’re trying to say is that we’re a large and growing professional services firm that still feels like a community. We employ over 2500 people across Canada, and we truly care about our colleagues, our clients and the communities where we work and live. That’s what’s most important to us. We’re building a thriving organization that’s purpose driven and still want to remember what your favourite milkshake flavour is.
As a Cloud Security Engineer your responsibilities will include:
- Provide subject matter expertise on architecture, authentication, and systems security. Understand our full engineering stack, services and data flow
- Assess, design, implement, automate, and document security solutions and processes for Amazon Web Service (AWS), MS Azure, SaaS applications and other cloud platforms
- Deploy security solutions in cloud environments
- Assist and train team members in the use of cloud security tools and the resolution of security issues
- Research and maintain an extensive knowledge base of current cloud technology advancements, trends and directions and identify the potential threats and exposures
- Assist in investigation and remediation of security incidents and issues
- Create and support KPIs and KRIs that measure risk reduction and progress in cloud over time
- Help governance, compliance, and risk management teams to ensure the system consistently meets the cyber security requirements
- Act as a mentor across the teams to enable a best of breed approach to cloud security and cloud management
- Protect the systems from data breaches at all times
- Monitor, operate and improve system uptime, performance, high availability and disaster recovery readiness
- Collaborate with other operational and development teams during triage and resolution of operational issues
- Assist with other cyber security related tasks
Be Grant Thornton
If you’re a bit like us, you’re driven to connect with how others are feeling and thinking. Here we walk in others shoes before taking action. Just imagine being part of a team that puts “we before me”, where flexAbility is a mindset, and where you trust your colleagues to have your back. At Grant Thornton, you’ll work with inspiring leaders who support your development, both personally and professionally. This is a place where your insatiable curiosity enables you to think, see and hear from a variety of perspectives, a place where every day is different and having the courage to grow is part of who you are. And when all this comes together, well that’s when the magic happens!
Want to learn more about who we are and how we live our purple every day? Read our colleagues’ stories at www.discoveryourpurple.ca
Think you’ve got what it takes to be a Cloud Security Engineer? Here's a few more boxes we’re also hoping you can tick:
- Bachelor's degree in engineering, computer science, information systems, business and/or other related major
- CISSP, CCSP, CRISC or similar cloud certification is preferred
- 5+ years of experience with AWS and Microsoft Azure Cloud Platform
- 5+ years of experience with Cloud security practices
- 5+ years of experience with implementing and configuring IT infrastructure systems, including operating systems, applications, databases, firewalls, and networks
- Extensive experience in a Linux and MS Windows operating systems, configuration, installation, tuning, maintenance and monitoring
- Extensive experience with Cloud Security Solutions (e.g. Zscaler, CASB, AlertLogic, SumoLogic)
- Extensive experience with SIEM solutions (Rapid 7, Log Rhythm, FireEye)
- Experience with AWS and Azure security design, architecture and implementations.
- Firm grasp of networking protocols and operations. Comfortable with low level packet sniffing, working knowledge on Kali, Wireshark, Burpsuite, Metasploit, nmap, fiddler, sqlmap, nessus. Knowledge on network attacks, detections, and defences
- Experience with scripting (Python, Perl, Bash, PowerShell) and API integrations
- Knowledge of Identity and Access Management concepts and technologies to secure production and corporate access, such as SSO, SAML Federated Identity, RBAC, authentication & authorization solutions
- Ability to analyze and solve complex challenges
- Must have knowledge of theoretical and applied cryptography, key management, and a strong understanding of cryptography algorithms such as RSA, AES, SSL vs TLS, PKI, etc
- Knowledge of technical security control environments and compliance frameworks including CSA CCM, ISO27001, ISO 27017 and NIST
At Grant Thornton we’re focused on making a difference in the lives of our clients, our colleagues and our communities. That’s our purpose. Or, as we like to say, living our purple.
Are you ready to Discover Your Purple?