The Cloud Security Engineer is responsible for safeguarding cloud data, applications, and infrastructure for TRS through expertise in cybersecurity operations, cloud security, and DevSecOps. The incumbent will leverage tools like SIEM, SAST, DAST/IAST and orchestration platforms to automate policy enforcement on off-premises applications and infrastructure; respond rapidly to incidents through skilled analysis of anomalies across networks, code, and cloud infrastructure; create and deliver secure service deployment training to share across IT and application owners; and ensure compliance while fostering collaboration between application owners, IT operations, and security teams. This position will proactively work with the Information Security team, IT staff, and agency employees.
WHAT WILL YOU DO:
Cybersecurity Operations
Monitor security alerts, logs, and events from various tools like SIEM, firewalls, endpoints, etc. to detect any anomalies or potential incidents.
Collect, process, preserve, and analyze digital-related evidence to support network vulnerability mitigation and workplace investigations.
Investigate and analyze suspicious or unusual activity to determine if it poses a true security risk. This may involve looking at additional logs, files, network traffic, etc.
Validate and verify the root cause of any incidents and breaches that are identified. Support response and remediation efforts.
Respond to crises or urgent situations to mitigate immediate and potential threats. Use mitigation, preparedness, and response and recovery approaches. Investigate and analyze all relevant response activities.
Conduct application security reviews/testing (SAST, DAST, IAST, etc.) to identify vulnerabilities in code.
Work with application owners and IT to remediate vulnerabilities and implement secure cloud orchestration best practices.
Perform security architecture reviews of software/API designs.
Coordinate with Governance, Risk, and Compliance (GRC) team on conducting risk analyses (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change and provide recommendations for mitigation strategies/solutions.
Read, interpret, and execute simple scripts on Windows and UNIX systems (e.g., those that perform tasks such as: parsing large data files, automating manual tasks, and fetching/processing remote data).
Provide an accurate technical evaluation of the software application, system, or network, documenting the security posture, capabilities, and vulnerabilities against relevant cybersecurity compliance requirements.
Mitigate/correct security deficiencies identified during security testing and/or recommend risk acceptance for the appropriate senior leader or authorized representative.
Assess and monitor cybersecurity events related to system implementation and testing practices.
Provide after-hours support for information security functions.
Strategic Support
Analyze collected information to identify vulnerabilities and potential exploitation.
Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment.
Build and maintain metrics for tracking improvements and deficiencies in the security of processes, systems, and programs.
Perform related work as assigned.
WHAT WILL YOU BRING:
Required Education
Bachelor's degree from an accredited college or university in Cybersecurity, Information Security or a closely related field.
High school diploma or equivalent and additional full-time experience in cybersecurity, information security, systems analysis, programming, computer operations, IT business analysis or similarly related experience may be substituted on an equivalent year-for-year basis.