Сучасна диджитал-освіта для дітей — безоплатне заняття в GoITeens ×
At Jabil At Jabil (NYSE: JBL), we are proud to be a trusted partner for the world’s top brands, offering comprehensive engineering, manufacturing, and supply chain solutions.
30 грудня 2021

Cloud Security Engineer (вакансія неактивна)

Украина, США, віддалено

Job Description:

Jabil is looking for a Cloud Security Engineer who will be part of a diverse and dynamic Global Information Security team. The individual will help build, maintain and automate various different information security capabilities with the goal to keep Jabil and it’s customers data and system secure. The ideal candidate will have engineering experience with various information security services with both Azure and AWS. The person will be responsible for various cloud security services, technologies, programs, and processes as assigned. Interface with architects, IT groups, and other entities to ensure that security is evaluated and embraced in Jabil. Lead activities to determine the security landscape, threats and vulnerabilities, appropriate security tools, processes, policies and opportunities to mitigate risk to Jabil. Ensure compliance to Jabil’s security policies. Optimize and automate security tools and perform complex tuning and filtering of devices.


You will be expected to

· Ensure security of all assets in the cloud by integrating security best practices for identity-based security, shared secrets, key rotation, and other security requirements. Work with corporate security team to enforce policies and deploy cloud security tools to protect and monitor access.
· Assist in the development and enforcement of the Cloud Security Standard
· Build and deploy new information security services and capabilities in both AWS and MS Azure
· Assist with the integration of existing enterprise security solutions with cloud environments
· Effective and proficient in troubleshooting issues with cloud security services
· Automate various cloud information security processes
· Develop automation frameworks and security policies and best practices for public cloud platforms
· Mentor others in the principles and best practices of cloud security and secure-by-design deployments
· Assess, harden, and develop secure infrastructure as code, using templates, golden images, and other resources for consumption
· Implement event-driven automations on cloud-native tooling (e.g. Lambda, Step, etc.) to respond to security incidents.
· Maintain discretion and confidentiality in all areas pertaining to Jabil’s information assets, data and proprietary information, whether internal to Jabil or customer specific
· Demonstrate a commitment to customer service; anticipate, meet and exceed expectations by solving problems quickly and effectively, making customer issues a priority
· Continuously look for improvement opportunities in each area of Jabil’s information security program
· Create reports for assigned areas of responsibility
· Exchange knowledge and information with other Jabil facilities to ensure best practices are shared throughout the Jabil organization
· Understand and embrace the business and IT strategic direction
· Consult with various entities to recommend security solutions and designs
· Assure that procedures and work instructions are efficient and not redundant
· Lead external and internal third party audit activities. Participate in customer and group audits as required
· Identify required metrics, goals, formulas, reporting processes, etc
· Lead or assist security team efforts for IT Security, compliance or customer audit activities
· Offer new ideas and suggestions for improvement. Identify and implement new practices and processes that are “best in field”
· Lead efforts to create and implement security standards, policies, guidelines, and practices
· Own assigned processes and ensure process requirements are being met and that the process continues to be improved
· Lead Global or Regional merger, greenfield, and acquisition security activities and ensure all requirements are met, processes established and training performed
· Lead security activities when reducing or shutting down existing facilities to ensure all security requirements are fulfilled
· Identify Potential Threats and vulnerabilities and lead the mitigation of identified threats
· Identify Security patches and vulnerabilities to be evaluated for impact and risk to Jabil
· Lead the deviation process for assigned area and ensure the deviation process is understood and followed
· Lead Incident Response Process as required. Lead efforts to investigate and remediate security incidents and prepare and complete required Security reports associated with the Incident Response Process
· Ensure business requirements are met for contracts and licensing, forecast, service level agreement, and associated policies for assigned service
· Understand the Security service’s technology and its capabilities. Determine downtime requirements, upgrades, etc
· Lead strategic Security service Ownership activities to help set direction and establish patterns of continuous improvements
· Ensure that the Security service meets all intended regulatory and compliance requirements
· Assist with Security Deviation Audits
· Approve recommended or requested policy changes to tool configurations
· Stay abreast of new tools and approaches in the security arena and meet with vendors or service providers as required
· Determine which tools should be evaluated and lead tool or service evaluation
· Lead activities that help determine Jabil’s security architecture and ensure that selected solutions meet all required business and compliance requirements
· Consult with architects and other groups to ensure that solutions entering Jabil meet security requirements and also ensure that security solutions satisfy architecture requirements
· Lead investigation and forensic efforts in sensitive and complex investigations and circumstances
· Make judgments on whether security events are incidents and initiate Incident Response process when necessary
· Perform advanced security incident investigation and event correlation analysis in sensitive and complex investigations and circumstances
· Handle Escalation from Security Analysts and Security Engineers
· Analyze security violation reports for suspicious and dangerous activity
· Prepare summary reports for distribution to management
· Submit tickets to the Service Desk describing security incidents with supporting information or evidence
· Determine requirements for environment analysis such as: port scanning, vulnerability assessment tools, which tools are prohibited, etc
· Ensure proactive steps are taken for any potential Security Tool problems such as: performance degradation, reliability/availability and security issues
· Approve security device tuning and filtering requests and ensure no negative impact to Jabil’s enterprise

Requirements:

· At least 5 years of experience in Cloud Software Security
· Significant experience and understanding in two or more of the following areas: AWS or Azure security best practices, security technologies and tools
· Forensic investigation and incident response tools and processes, IT technologies and tools (Networking, Systems, Applications, Databases, etc.)
· Security services or program management
· Global experience and working with different cultures is required
· Excellent documentation skills
· Two or more of the following, or similar certifications is preferred and one required: CCNA, MCSE, CISSP, GIAC, CISM, or security tool certification
· Upper-intermediate English
· Strong attention to detail

Гарячі вакансії

Всі вакансії