Cloud Security Engineer

1w1 week ago

UMB Bank

Kansas City, US · Full-time · $83,200 – $178,800

About this role

Our Information Security organization serves as the eyes and ears of UMB’s technology security, ensuring controls, authentication, and authorization keep systems and applications safe. We monitor, discover, and remediate vulnerabilities while complying with corporate policies. As a Cloud Security Engineer, you support the Infrastructure team in delivering secure cloud solutions using a cloud-native approach.

You define and execute public cloud-centric security controls, designing secure patterns for computing, storage, networking, and security domains. You advise application, product, and cloud infrastructure teams on incorporating capabilities with an information security mindset. You collaborate with stakeholders to deliver best-fit secure solutions and identify emerging services for business needs.

You deploy and manage security controls using AWS multi-accounts, Service Control Policies, IAM policies, VPC, and Control Tower Guardrails. You partner with application teams on infrastructure-as-code stacks with Terraform, CloudFormation, CDK, and Ansible. You serve as a pragmatic thought leader, articulating complex IT concepts to diverse audiences.

You provide hands-on technical coaching to accelerate cloud security learnings organization-wide. You offer accurate information on AWS services as a consultant to the IT Information Security team. This role involves operational support for enterprise projects on a diverse team of engineers.

Requirements

Bachelor’s Degree in Management Information Systems, Computer Science or related field or equivalent work experience
At least 4 years of experience designing and implementing secure solutions and securing public cloud workloads
At least 2 years of experience with Metrics, Events, Logging, and Tracing solutions like Cloudtrail, CloudWatch, or Splunk
Strong infrastructure-as-code (IaC) expertise and deployment experience with Terraform, CloudFormation, CDK constructs, and Ansible
Experience with AWS multi-accounts structure, Organizational Units, Service Control Policies (SCP), IAM policies, Virtual Private Cloud (VPC), and AWS Control Tower Guardrails

Responsibilities

Define and execute public cloud-centric security controls and design secure patterns for computing, storage, networking, operational, and security domains
Advise application, product, and cloud infrastructure teams on incorporating cloud capabilities with an information security mindset
Deploy, consult, and manage security controls leveraging AWS multi-accounts structure, Organizational Units, Service Control Policies, IAM policies, VPC, AWS Control Tower Guardrails and best practices
Partner with application teams to support design and implementation of infrastructure-as-code stacks using Terraform, CloudFormation, CDK constructs, and Ansible
Advise on all aspects of secure cloud infrastructure offerings and solution design
Provide hands-on technical coaching to accelerate cloud security learnings across the organization
Provide accurate and current information on AWS services and serve as a consultant to solve business use cases