Company Description
Cloud Technologies specializes in providing the professional services required for cloud solutions.
Role Description
This is a full-time on-site role as a Cloud Security Engineer located in Abu Dhabi Emirate, United Arab Emirates. As a Cloud Security Engineer, you will be responsible for ensuring the security of cloud infrastructure, implementing security measures, monitoring for security breaches, conducting regular security assessments, and collaborating with cross-functional teams to enhance security protocols.
Qualifications
- 8+ years' experience in a technical role within a SOC or similar cybersecurity environment
- Experience with cloud security technologies like IAM, SIEM, and DLP
- Knowledge of security best practices for cloud environments (AWS, Azure, GCP)
- Experience with scripting and programming languages (Python, PowerShell, Java) for security automation
- Understanding of networking protocols, firewalls, and VPN technologies
- Certifications such as CISSP, CISM, or CompTIA Security+
- Strong analytical and problem-solving skills
- Excellent communication and teamwork abilities
- Experience in Network Security, Cyber Defense, Vulnerability Management, Security Architecture, and Cloud Environment
- Good understanding of security concepts (Zero Trust networking, CASB, cloud computing, SIEM solutions, PKI, DevSecOps, IAM and PAM, …).
- Experience with Azure security components; experience with other cloud platforms such as AWS and Google Cloud is nice-to-have
- Technical skills with Linux and Windows operating systems and with scripting and development technologies such as PowerShell, Python and .NET
- Knowledge of Linux/Unix & Windows OS.
- Good knowledge of HTTP/HTTPS, TLS/SSL, and authentication technologies.
- Be a “geek” in one specific technical domain – can be outside of the ones mentioned here above.
- Knowledge of Agile, Scrum and DevSecOps is an asset
- Experience with cloud EDR/XDR/SIEM/DLP tooling
- Profound knowledge and hands-on experience with Splunk SIEM/SOAR and other related technologies
- Strong understanding of cloud and network technologies, essential for efficient log source onboarding.
- Proven technical capabilities in a complex, fast-paced SOC environment
- Ability to diagnose and troubleshoot log source issues related to cloud and network infrastructures
- Strong understanding of targeted attacks and ability to create customized tactical and strategic remediation plans for compromised organizations
- Sound forensic skills across multiple operating systems
- Ability to perform analysis of system and network devices logs
- Sound understanding of the capabilities of static and dynamic malware analysis
- Strong understanding of the ATT&CK framework
- Strong understanding of current threats, vulnerabilities, and attack trends
- Review and provide security best practices and recommendations for multi-cloud-based applications, including large-scale data processing, computationally intensive statistical modeling, and advanced analytics
- Participate in all aspects of the software development lifecycle for multi-cloud solutions, including security penetration testing and assessment
- Troubleshoot incidents, identify root causes, fix and document problems, and implement preventive measures
- Educate teams on the implementation of new cloud-based initiatives, providing associated training when necessary
- Ability to collaborate effectively with a variety of team members, including interfacing with customers to resolve issues
- Demonstrate exceptional problem-solving skills, with an ability to see and solve issues before they affect business productivity
Responsibilities
- The Cloud Security Engineer is responsible for ensuring the security of the cloud environment and protecting sensitive data. This includes identifying potential security risks, implementing security controls, and enforcing security policies. The Cloud Security Engineer should have a deep understanding of cloud security best practices, compliance requirements, and security standards, and should be proficient in implementing access control policies, protecting data in transit and at rest, and monitoring cloud security threats. The Cloud Security Engineer is responsible for ensuring that the cloud environment is secure and meets the organization's security requirements.
- Implement, maintain and improve the security posture of the Azure platform, identifying and remediating vulnerabilities using a variety of security tools.
- Implement and configure security controls and policies, manage access to data, and monitor threats to ensure that data, apps, containers, infrastructure, and networks are protected.
- Configure access within a cloud solution environment using the defense-in-depth principle
- Configure network security including in a hybrid context with traditional network centric controls
- Implement and use cloud-native tools such as Log Analytics, Azure Monitor, Azure Security Center (now Microsoft Defender for Cloud) and Azure Sentinel (now Microsoft Sentinel)
- Integrate security controls into the software development life cycle.
- Work in tandem with our engineering team to identify and implement the optimal cloud-based solutions for the company.
- Define and document best practices and strategies for secure application deployment and infrastructure security.
- Manage cloud security solutions in accordance with company security guidelines.
- Review architecture and design deliverables and provide support as a security expert.
- Keep skills current and work with new technologies so that the solution stays up to date, meets quality standards and satisfies client requirements.
- Recommend client value creation initiatives and implement industry best practices for security.
- Effectively review public and hybrid cloud-based architectural design concepts and solutions, and provide security best practices and recommendations to all levels of the organization.
- Drive decision making. Identify alternatives, pros and cons, and make recommendations.
- Identify, analyze and provide security recommendations for the most complex public and hybrid cloud-based issues.
- Identify and balance risks and rewards to meet objectives.
- Manage multiple initiatives independently.
- Establish relationships with strategic public and hybrid cloud vendors to acquire knowledge, develop partnerships and collaborate on potential architectural solutions and technology acquisitions.
- Communicate security recommendations and best practices to IT senior leaders and other critical stakeholders throughout the architecture planning and design process.
- Carry out host-based assessments using EDR tools and network assessments utilizing full packet data to determine the extent and scope of possible compromise
- Perform host- and/or network-based forensics across Windows, Mac, and Linux platforms.
- Execute digital forensic investigations supporting cyber incident response engagements
- Collaborate with customers to enhance the defensive security posture and existing security controls
- Explain technical findings in a manner that can be easily understood by technical and non-technical staff
- Validate the Incidents escalated by Tier 1 SOC Security Analysts
- Analyze the threats associated with each incident and communicate them to stakeholders
- Collaborate with the SOC Principal Engineer (SIEM) on onboarding new log sources to the SIEM/SOAR platform.
- Maintain and govern SOC critical log sources, ensuring their proper functionality and integration with Splunk SIEM/SOAR.
- Detect log source issues, coordinate with customers to diagnose and resolve them in a timely manner.
- Participate in continuous process improvements to increase SOC efficiency and effectiveness
Certifications
Candidates are preferred to hold as many of the following certifications as possible:
- Certified DevSecOps Professional (CDP)
- Certified DevSecOps Expert (CDE)
- Certified Information Systems Security Professional (CISSP), preferred
- Certified Information Security Manager (CISM), preferred
- GIAC certification in at least one discipline: GNFA, GCIH, GCIA, GCFE, GCFA, GDAT
- Cloud-related certifications like AWS Certified Solutions Architect, Google Professional Cloud Architect, or Microsoft Certified: Azure Solutions Architect Expert.
- Networking certifications such as CCNA or CCNP are a plus
- Penetration testing certifications such as OSCP or OSCE, SANS cybersecurity certifications, or INE security certifications