SENIOR CLOUD SECURITY ENGINEER
  • Ukraine Kharkiv
  • Svitla Systems, Inc.
1 year before
31.01.2024
Securely Provision
Systems Architecture
Job Description

Svitla Systems Inc. is looking for a Senior Cloud Security Engineer for a full-time position (40 hours per week) in Ukraine. Our client is a product engineering, design, research, and consulting firm. They’ve launched 50+ products and generated $450MM+ in revenue for clients - in healthcare, life sciences, manufacturing, retail, real estate, and professional services. The worldwide engineering team, adept across digital, DevOps, and emerging technology stacks, implement exceptional technical solutions. They provide deep software product engineering, design, research, and consulting expertise to create products. The client is proud of being a ready resource for critical market insights with the knowledge and experience required to design, build and scale big ideas to serve the growing list of customers in the USA and Europe. The company is headquartered in Pittsburgh, USA, with global locations. The Cloud Security Engineer will focus on the secure operation of cloud security architectures for protecting PII/PHI data deployed into various cloud systems.

Requirements

• College degree or/equivalent and 10+ years of experience related to work.
• 2-4 years of experience with security architecture and/or engineering.
• 2-3 years of experience with AWS.
• AWS Certified Security certificate.
• Experience architecting solutions within Amazon Web Services (AWS).
• Knowledge of Amazon Web Services, especially VPC Networking, IAM, KMS, CloudFormation, EC2, API Gateway, Kubernetes, SQS, SNS, Kinesis, RDS, DynamoDB, and Lambdas or equivalent is preferred.
• Proficiency in scripting programming languages Python, JSON, Ruby, PowerShell, and YAML.
• Familiarity with cloud security and governance tools.
• Experience representing diverse audiences' technical viewpoints and making timely and prudent technical risk decisions.
• Strong interpersonal and communication skills; ability to work in a team environment.
• Ability to work independently with minimal direction; self-starter/self-motivated.
• Experience in technical writing.
• A good understanding of security architectures for cloud/hybrid systems.
• Experience in securely running multiple cloud environments.
• Ability to provide input and feedback on product security architectures & requirements.
• A firm understanding of the offerings and capabilities within Amazon Web Services (AWS).
• An understanding and experience with vulnerability management and cyber incident management.
• Ability to represent Security Operations in developing and implementing the overall cloud architecture

Responsibilities

• Run cloud security operations.
• Act as the focal point between engineering teams, product security, and security operations for the cloud.
• Lead security operations team.
• Advise engineering teams on security architectures and best practices.
• Own cloud vulnerability, non-conformance, cyber incident management, and access management processes.

Will Be a Plus

• Experience with any security framework (ISO 270xx, HiTrust, NIST).

We Offer

• US and EU projects based on advanced technologies.
• Competitive compensation based on skills and experience.
• Annual performance appraisals.
• Flexibility in workspace, either remote or in one of our development offices.
• Comprehensive medical insurance including dental and massages.
• Sport reimbursement program for onsite and online activities.
• Support of a healthy lifestyle, compensation for running events.
• Bonuses for recommendations of new employees.
• Bonuses for article writing, public talks, other activities.
• Personal loan budget available for long-term personnel.
• 20 vacation days, 10 national holidays and sick leaves.
• Maternity leave policy and family days off.
• Full compensation for conferences, courses, English classes.
• Free webinars, meetups and conferences organized by Svitla.
• Gifts for birthdays, New Year, anniversaries, children and more.
• Fun corporate celebrations and activities, regular lectures on various topics.
• Awesome team, friendly and supportive community!

About Svitla

Svitla Systems is a global trusted IT solutions company headquartered in California, with business and development offices throughout the US, Latin America, Europe, and Asia. Svitla is an outspoken advocate of workplace flexibility, best known for its well-established remote culture, individual approach to our teammate’s professional and personal growth, and family-like environment.

Since 2003, Svitla has served a wide range of clients, from innovative start-ups in California to mega-large corporations such as Ingenico, Amplience, InvoiceASAP and Global Citizen. At Svitla, developers work with clients’ teams directly, building lasting and successful partnerships, as a result of seamless integration with on-site processes.

Svitla Systems’ global mission is to build a business that contributes to the well-being of our partners, personnel and their families, improves our communities, and makes a lasting difference in the world. Join us!

Quick response
Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats an`d vulnerabilities.
  • K0024   Knowledge of database systems.
  • K0027   Knowledge of organization's enterprise information security architecture.
  • K0061   Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
  • K0075   Knowledge of security system design tools, methods, and techniques.
  • K0093   Knowledge of telecommunications concepts (e.g., Communications channel, Systems Link Budgeting, Spectral efficiency, Multiplexing).
  • K0102   Knowledge of the systems engineering process.
  • K0179   Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • K0240   Knowledge of multi-level security systems and cross domain solutions.
  • K0291   Knowledge of the enterprise information technology (IT) architectural concepts and patterns (e.g., baseline, validated design, and target architectures.)
  • K0293   Knowledge of integrating the organization’s goals and objectives into the architecture.
  • K0057   Knowledge of network hardware devices and functions.
  • K0071   Knowledge of remote access technology concepts.
Required Skills
  • S0024   Skill in designing the integration of hardware and software solutions.
  • S0122   Skill in the use of design methods.
  • S0076   Skill in configuring and utilizing software-based computer protection tools (e.g., software firewalls, antivirus software, anti-spyware).
  • S0116   Skill in designing multi-level security/cross domain solutions.
  • S0138   Skill in using Public-Key Infrastructure (PKI) encryption and digital signature capabilities into applications (e.g., S/MIME email, SSL traffic).
  • S0168   Skill in setting up physical or logical sub-networks that separate an internal local area network (LAN) from other untrusted networks.
Required Abilities
  • A0008  Ability to apply the methods, standards, and approaches for describing, analyzing, and documenting an organization's enterprise information technology (IT) architecture (e.g., Open Group Architecture Framework [TOGAF], Department of Defense Architecture Framework [DoDAF], Federal Enterprise Architecture Framework [FEAF]).
  • A0027  Ability to apply an organization's goals and objectives to develop and maintain architecture.
  • A0060  Ability to build architectures and frameworks.
  • A0048  Ability to apply network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • A0061  Ability to design architectures and frameworks.