MTS - Cloud Security Engineer

Job content

Job Summary

The NetApp Cloud Data Services team is looking for a focused Security Engineer who can take on a leadership role in Managing & responding to security issues across Cloud Data Services. The right candidate must thrive in high-pressure situations, think like both an attacker and defender, and drive relevant teams to take the right actions in the right timeframes to mitigate risks.
We are looking for an individual who can balance technical risks against business risks and consistently drive for the right results. They must have the passion for engineering novel solutions to complex security challenges, and recognize and fill gaps in capabilities. The ability to quickly design and build internal-facing tools that enable scaled programmatic automation is a plus.
The successful candidate will have a good mix of deep technical knowledge and a demonstrated background in information security. We value broad and deep technical knowledge, specifically in the fields of cryptography, network security, software security, malware analysis, forensics, security operations, incident response, and emergent security intelligence.

An ideal candidate should be able to accomplish most of the following:

Build a Security Hardening strategy for our cloud services and continue to assess and take actions that result in a highly secure cloud service.
Confidently and intelligently respond to security incidents, and proactively consider how to prevent the same type of incidents from occurring in the future.
Design and coordinate cohesive responses to security events that involve multiple teams across the organization.
Build security utilities and tools for internal use that enable you and your fellow Security Engineers to operate at high speed and wide scale.
Evaluate the impact to the organization of current security trends, advisories, publications, and academic research. Coordinate responses as necessary across affected teams to do the right thing for our customers and our organization.
Ability to communicate effectively at multiple levels of sensitivity, and multiple audiences.
Recognize, adopt and instil the best practices in security engineering fields throughout the organization: development, cryptography, network security, security operations, incident response, security intelligence.
Provide subject matter expertise on architecture, authentication and system security.
Job Requirements
Experience with AWS and AWS Security, Identity, & Compliance resources and secure architecting
Experience with Web Application Architecture Security Review, Threat Modelling, Static Code Review, Penetration Testing, and Incident Response Planning
Experience with third party risk analysis and management
Current knowledge around web and mobile application vulnerabilities, attacks, and mitigation methods
Strong understanding of information security principles and core technologies (CIA, encryption, identity, authN/authZ, SSO, Networking, web protocols, and privacy)
Strong understanding of web and mobile application security best practices and secure architecture patterns
Experience with security testing tools: BurpSuite, ZAP, AppScan, SQLMap, Wireshark/TCPdump, Metasploit, Security Monkey, Curl, etc
Proficient in one programming language – Java preferred
Proficient in one scripting language (Perl, Python or PowerShell)
Good interpersonal and communications skills and the ability to liaison for both technical and non-technical audiences
Education
4+ years of experience in relevant technologies.
BS in Engineering or Computer Science
Certifications in CompTIA Security+, CEH, or GSEC
Experience with Incident Response
Governance, Risk, and Compliance experience.