Volkswagen Group of America Job - 31500230 | CareerArc
  Search for More Jobs
Get alerts for jobs like this Get jobs like this tweeted to you
Company: Volkswagen Group of America
Location: Libertyville, IL
Career Level: Mid-Senior Level
Industries: Automotive, Motor Vehicle, Dealers

Description

Role Summary:

As the Cloud Security Engineer, you'll be responsible for protecting the confidentiality, availability, and integrity of information assets in cloud environments such as AWS. This position is best suited for an experienced Information Security engineer with a strong proven understanding of AWS native products and functionality along with other complementary technologies (e.g., CDN) and best practices for cloud security. This role will partner with other cloud-focused infrastructure, operations, and devops teams to ensure the safety of information systems assets, customer data, and to protect systems from unauthorized access and abuse. Additionally, this position will collaborate with the rest of the Information Security organization to analyze and perform event correlation, create dashboards and reporting content, troubleshoot, and remediate security issues. Responsible for security configurations and connections across all digital and cloud platforms including FIS/ERP, AWS/Big Data, Salesforce/CRM, Tableau/ Business Intelligence, Azure/Collaboration, Jitterbit/Integration and other emerging platforms. Ideal candidates will have extensive experience in serverless software and Amazon security best practices.

Role Responsibilities:
  • Act as the primary Subject Matter Expert (SME) for security in the cloud
  • Integrate with internal engineering teams providing frameworks to build, design, and implement products across the organization securely
  • Review new and existing cloud hosted products and services for vulnerabilities, and asses the health and security of cloud network architectures
  • Ensure ongoing compliance of cloud hosted infrastructure to security policies and procedures
  • Analyze and prioritize reports from internal and external researchers; facilitate confirmed issues to resolution with engineering teams
  • Assist in the prompt investigation of security incidents and be prepared to isolate and remediate incidents pursuant to established procedures
  • Drive the integration and ongoing monitoring of cloud systems events and alerts into SecOps
  • Performs security assessments and recommends mitigation strategies or improvements based on security best practices
  • Conducts vulnerability assessments and monitors systems, networks, and databases for possible security breaches and recommends improvements.
  • Daily interaction with the Digital DevOps team members, Systems Administrators, Data team and interaction with other IT Management, Infrastructure, and Business
  • Assess large, complicated cloud-hosted services from a threat-centric view to determine where threats could take advantage of vulnerable configurations
  • Serve as key liaison between Development teams and Security department to prioritize and implement technology projects
  • Design, Develop, Install, and configure security solutions that meet specific customer requirements

Recommend and implement changes to enhance systems security and prevent unauthorized access.




Requirements

Experience: Required
  • 7 - 9 years of experience in technical aspects of cloud, applications, web or mobile
  • 5 years of experience in IT security functions
Education: Required
  • B.S. in Information Technology, Computer Science (or related field)
Desired
  • Advanced Degree a plus
General Skills:
  • Initiative and desire to find faults in processes
  • Analytical and conceptual thinking – using logic and reason, creative and strategic
  • Communication skills – interpersonal, presentation and written
  • Computer savvy – skilled in the use of software
  • Integration – joining people, processes or systems
  • Influencing and negotiation skills
  • Problem solving
  • Time Management
  • Ability and desire to learn new technologies

Specialized Skills:

Required
  • Experience with B2B/B2C software or E-commerce deployments to AWS
  • Strong background in SaaS or Cloud security
  • Strong knowledge of distributed platform, SDN and cloud CDN network security standards
  • Knowledge of financial or banking technology control requirements such as PCI
  • Knowledge of cloud identity and authentication methodologies (Kerberos, SAML, OAuth, MFA)
  • Knowledge of cloud platform Role Based Access Control and IAM policies/capabilities
Desired
  • Familiarity with Metasploit, Burp Suite, Fuzzing, Gaunlt, and Jenkins preferred
  • Familiarity with code reviews and penetration testing preferred
  • OSCP, OSCE, or OSWE or other relevant Certifications are a major plus
Work Flexibility:
  • Travel 10% of the time
  • Onsite, remote work options dependent on team operating model and initiative
  • Flexibility to work outside of core hours (Monday – Friday) to support business demand

We are proud to be an EEO employer M/F/D/V. We maintain a drug-free workplace and perform pre-employment substance abuse testing.



 Apply on company website