Lead Cloud Engineer – AWS
Job Description
At Discover, be part of a culture where diversity, teamwork and collaboration reign. Join a company that is just as employee-focused as it is on its customers, and which is consistently awarded for both. We’re all about people and our employees are why Discover is a great place to work. Be the reason we help millions of consumers build a brighter financial future and achieve yours along the way with a rewarding career.
The Lead cybersecurity engineer, will champion efforts to enhance security of our cloud infrastructure helping implement security best practices and guard rails around the use of various cloud services, and delivering those capabilities through modern automation tools, principles and patterns. They should have strong problem solving skills and demonstrate the ability to work independently, communicating effectively across multiple technical teams.
Engineers solutions in alignment with the Cybersecurity engineering roadmap, and maintains processes for the delivery of highly complex secure systems, cyber applications, technical projects, and regulatory and risk requirements. Facilitates process engineering, risk remediation, and mitigation of operational risk in a high-velocity culture by collaborating to introduce technology, requirements, deliverables, gaps, and systems design. Contributes to analyzing cyber technologies, metrics models, and performance indicators. Identifies robust solutions and builds resilient next-generation systems to solve business challenges and enhance the control environment.
Responsibilities
- Provides comprehensive security analysis of various cloud services through research, threat modelling and experimentation, and thereby leading to security best practice guidelines in using those services.
- Defines security misconfiguration around usage of various cloud services and provides details of identification and remediation of such misconfigurations.
- Designs and builds automation for detection and auto-remediation of security misconfigurations
- Supports software development processes via continuous integration and delivery.
- Looks for ways to improve and streamline processes and procedures.
- Participates in and contributes to risk management, business continuity management, policy review and compliance audits
- Collaborates alongside engineers and the product teams on business and operational matters
- Troubleshoots, resolves issues and guides when stakeholders run into access or security issues.
- Manages relationships with security partners and vendors.
- Ensures compliance to audit, regulatory, and legal requirements.
- Analyzes, designs, and develops security solutions with Cybersecurity architects to ensure it is consistent with corporate technology goals and risk tolerance levels.
- Provides direction to infrastructure, operations, data, and application developments groups throughout the transitioning phase, implementation in production, and beyond.
- Validates current- and future-state architectural models to assess impact across assigned Cybersecurity technology systems.
- Serves as the subject matter expert for supported security technologies, and act as subject matter expert during escalations.
- Oversees security requirements and technical specifications to guide project implementation toward successful solution delivery.
- Maintains knowledge of engineering next-gen designs, security trends, threats, and attack techniques.
- Builds and maintains effective relationships with management, peers, project managers, and internal customers.
- Designs and engineers solutions to align with the Cybersecurity Strategy.
Minimum Qualifications
At a minimum, here’s what we need from you:
- 6+ years of experience in Information Security, Security Engineering, or related field
Preferred Qualifications
If we had our say, we’d also look for:
- Bachelor’s Degree in Information Security, IT, Computer Science, or related field
- 3+ years working with AWS Cloud Technologies
- Good understanding of various permissions mechanisms within AWS – Service Control policies, IAM policies, resource policies, permission boundaries, session policies, Network ACL and security groups, cross-account access, etc.
- Good understanding of most widely used AWS Product and Services suite (EC2, S3, VPC, RDS, dynamoDB, Lambda, KMS, SQS, SNS, CloudTrail, CloudWatch etc.), their use cases, best practices in implementation, and approaches to take in securing such services
#LI-LJ1
Discover Financial Services is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran status, among other things, or as a qualified individual with a disability.