Senior Information Security Specialist in Scottsdale, Arizona | Careers at 179 - Axway Scottsdale - Axway Software SA
Scottsdale, AZ
About the Job
Overview
In 2024, we are pursuing our ambitions to continue to enable organizations' digital transformation. We are looking for our new Cloud Security Engineer to join Axway's family. Are you ready? Join us now!!
Together, we can. Together, we will. Axway is an enterprise integration company that's been around for over 20 years to digitally transform businesses of all sizes with more than 11,000 customers in 100 countries. Axway revitalizes IT infrastructures to enable brilliant digital customer experiences to unlock new business innovation and capabilities. Axway puts companies on a secure, future-proof path for growth.
With Axway, you'll go far because we're better together. You'll exchange ideas with a culturally rich global community of over 1,550 members who connect remotely or show up onsite in every time zone. And you'll have the support and camaraderie of your Axway leadership and colleagues to remind you that you're not alone on your journey and have taken one more step forward every day. Together, we can accomplish anything. Learn more: www.axway.com.
Overview:
The Axway Cloud Security team is critical to delivering secure cloud services to customers in government, banking, financial services, healthcare, life sciences, manufacturing, and other security-conscious industries.
Responsibilities
Responsibilties:
The Cloud Security Engineer will engage with internal and external teams to secure the deployment of cloud products and services.
- Performs architectural reviews of cloud solutions, including the application of security principles and development of security requirements
- Assesses the risk of vulnerabilities and security designs to ensure the security of Axway and its customers’ applications and data is maintained
- Automates the application of security controls, as well as the detection of security control adherence, thoughout the cloud
- Executes the development of securing cloud infrastructure and process improvement over the domains of security engineering, automation, incident management, vulnerability management, intrusion detection, and incident response
- Deploy, maintain, and utilize various security tools including SIEM, endpoint protection, AV, best practice analyzers, and vulnerability scanners
- Secures cloud infrastructure using industry best practices and frameworks, such as CIS Benchmarks, Cloud Security Alliance (CSA), etc.
- Assists with compliance audits such for ISO 27001, SOC 2, NIST, and GDPR
- Monitor cloud networks for security issues
- Updates and defines security engineering operations standards, processes, and playbooks
- Committed to developing and honing skills via certifications, instructional courses, security news feeds, and/or research
- May at times be required to be customer-facing
Qualifications
Qualifications:
- Five to seven years general information security experience, with a deep understanding of cybersecurity principles, technologies and best practices
- Strong problem-solving and analytical skills
- Three years experience with automation, including coding and scripting against cloud-relevant technologies such as the AWS control plane, Azure Active Directory (AAD), Kubernetes, and other API-enabled security technologies
- Experience with Amazon Web Services (AWS) security technologies and best practices, including the application of security principles within AWS and Azure, Kubernetes, and other technologies
- Three years information security experience as a subject matter expert working across two or more technology layers (eg, application, network, platform)
- Three years experience designing security architecture for application and enterprise technologies (eg, privileged account management, secrets management, SIEM, networking, etc)
- Three years experience translating business requirements and priorities into security architecture standards
- Experience in configuration and operation of security incident event management (SIEM), endpoint protection, and other security technologies such as Splunk, Microsoft Sentinel, ELK, CrowdStrike, Sumologic, Tripwire, OSSEC or similar tools/technologies
- Experience managing vulnerability scanning systems such as Qualys, Rapid7, Nexpose or similar
- Experience with DevOps, continuous integration/continuous deployment (CI/CD), DevSecOps
- Ability to communicate effectively with both technical and non-technical stakeholders, both verbally and in writing
Nice to Have:
- Security certifications such as:
- (ISC)2: CISSP or CCSP
- SANS: GCLD, GCIA, GCIH, GPYC, GCSA, GPCS, or GCPN
- AWS: Cloud Practitioner, Security Specialty, Solutions Architect
- CompTIA: Security+
- Bachelor’s and/or Master’s degree in Cyber Security, Computer Science, Information Technology, etc. or equivalent industry experience
Axway is an EEO and AA Employer
#LI-KJ1
#LI-Hybrid