Saltar al contenido principal
Volver a la búsqueda

SOC Security Cloud Engineer II

Req ID: J2289575

  • Ubicación
    Remoto - Estados Unidos, Florida, United States of America
  • Categoría Tecnologias de la Información
  • Publicado lunes, 4 de octubre de 2021
  • Tipo Tiempo completo
  • Tipo de Empleo Empleado Permanente

Descripción del Trabajo

SUMMARY

Jabil is looking for a Cloud Security Engineer II who will be part of a diverse and dynamic Global Information Security team. The individual will help build, maintain and automate various different information security capabilities with the goal to keep Jabil and it’s customers data and system secure. The ideal candidate will have engineering experience with various information security services with both Azure and AWS. The person will be responsible for various cloud security services, technologies, programs, and processes as assigned.  Interface with architects, IT groups, and other entities to ensure that security is evaluated and embraced in Jabil.  Lead activities to determine the security landscape, threats and vulnerabilities, appropriate security tools, processes, policies and opportunities to mitigate risk to Jabil.  Ensure compliance to Jabil’s security policies.  Optimize and automate security tools and perform complex tuning and filtering of devices.

Responsible for security services, technologies, programs, and processes as assigned.  Interface with architects, IT groups, and other entities to ensure that security is evaluated and embraced in Jabil.  Lead activities to determine the security landscape, threats and vulnerabilities, appropriate security tools, processes, policies and opportunities to mitigate risk to Jabil.  Ensure compliance to Jabil’s security policies.  Optimize security tools and perform complex tuning and filtering of devices. 
 

This position is primary focused on however not limited to the development, integration, and automation of Detect and Respond capabilities for our SOC and CIRT teams.

 ESSENTIAL DUTIES AND RESPONSIBILITIES include the following.  Other duties may be assigned.

  • Supports 24/7 global operations responding to security events in the environment; on-call as required.
  • Ensure security of all assets in the cloud by integrating security best practices for Incident detection and response. Work with corporate security team to enforce policies and deploy cloud security tools to protect and monitor access.
  • Assist in the development and enforcement of the Cloud Security Standard
  • Build and deploy new information security services and capabilities in both AWS and MS Azure
  • Assist with the integration of existing enterprise security solutions with cloud environments
  • Effective and proficient in troubleshooting issues with cloud security services
  • Automate various cloud information security processes
  • Develop automation frameworks and security policies and best practices for public cloud platforms
  • Mentor others in the principles and best practices of cloud security and secure-by-design deployments
  • Assess, harden, and develop secure infrastructure as code, using templates, golden images, and other resources for consumption
  • Implement event-driven automations on cloud-native tooling (e.g. Lambda, Step, etc.) to respond to security incidents.

  • Maintain discretion and confidentiality in all areas pertaining to Jabil’s information assets, data and proprietary information, whether internal to Jabil or customer specific
  • Demonstrate a commitment to customer service; anticipate, meet and exceed expectations by solving problems quickly and effectively, making customer issues a priority
  • Continuously look for improvement opportunities in each area of Jabil’s information security program
  • Create reports for assigned areas of responsibility
  • Exchange knowledge and information with other Jabil facilities to ensure best practices are shared throughout the Jabil organization
  • Perform mentoring and education for security staff members
  • Understand and embrace the business and IT strategic direction
  • Train and educate Site Security Coordinators on their role and security requirements
  • Manage Security Programs in assigned area
  • Consult with various entities to recommend security solutions and designs
  • Assure that procedures and work instructions are efficient and not redundant
  • Lead external and internal third party audit activities.Participate in customer and group audits as required
  • Identify required metrics, goals, formulas, reporting processes, etc
  • Lead or assist security team efforts for IT Security, compliance or customer audit activities
  • Offer new ideas and suggestions for improvement. Identify and implement new practices and processes that are “best in field”
  • Lead efforts to create and implement security standards, policies, guidelines, and practices
  • Own assigned processes and ensure process requirements are being met and that the process continues to be improved
  • Lead Global or Regional merger, greenfield, and acquisition security activities and ensure all requirements are met, processes established and training performed
  • Lead security activities when reducing or shutting down existing facilities to ensure all security requirements are fulfilled
  • Identify Potential Threats and vulnerabilities and lead the mitigation of identified threats
  • Identify Security patches and vulnerabilities to be evaluated for impact and risk to Jabil
  • Lead the deviation process for assigned area and ensure the deviation process is understood and followed
  • Lead Incident Response Process as required.Lead efforts to investigate and remediate security incidents and prepare and complete required Security reports associated with the Incident Response Process
  • Ensure business requirements are met for contracts and licensing, forecast, service level agreement, and associated policies for assigned service
  • Understand the Security service's technology and its capabilities.Determine downtime requirements, upgrades, etc
  • Lead strategic Security service Ownership activities to help set direction and establish patterns of continuous improvements
  • Ensure that the Security service meets all intended regulatory and compliance requirements
  • Assist with Security Deviation Audits
  • Approve recommended or requested policy changes to tool configurations
  • Stay abreast of new tools and approaches in the security arena and meet with vendors or service providers as required
  • Determine which tools should be evaluated and lead tool or service evaluation
  • Lead activities that help determine Jabil’s security architecture and ensure that selected solutions meet all required business and compliance requirements
  • Consult with architects and other groups to ensure that solutions entering Jabil meet security requirements and also ensure that security solutions satisfy architecture requirements
  • Lead investigation and forensic efforts in sensitive and complex investigations and circumstances
  • Make judgments on whether security events are incidents and initiate Incident Response process when necessary
  • Perform advanced security incident investigation and event correlation analysis in sensitive and complex investigations and circumstances
  • Handle Escalation from Security Analysts and Security Engineers
  • Analyze security violation reports for suspicious and dangerous activity
  • Prepare summary reports for distribution to management
  • Submit tickets to the Service Desk describing security incidents with supporting information or evidence
  • Determine requirements for environment analysis such as: port scanning, vulnerability assessment tools, which tools are prohibited, etc
  • Ensure proactive steps are taken for any potential Security Tool problems such as: performance degradation, reliability/availability and security issues
  • Approve security device tuning and filtering requests and ensure no negative impact to Jabil’s enterprise

MINIMUM REQUIREMENTS

Masters Degree preferred; or Bachelor’s degree in Computer Science or Management of Information Systems; or 10 years or more equivalent external work experience; or equivalent formal training in related duties.  Significant experience and understanding in two or more of the following areas:  AWS or Azure security best practices, Security technologies and tools, Forensic investigation and incident response tools and processes, IT technologies and tools (Networking, Systems, Applications, Databases, etc.), Security services or program management.  Global experience and working with different cultures is required.  Excellent documentation skills.  Two or more of the following, or similar certifications is preferred and one required: CCNA, MCSE, CISSP, GIAC, CISM, CySA, GSEC, GCIH or security tool certification.


Preferred Qualifications:

  • Expert working knowledge of perimeter technologies, networking, and packet capture and analysis.
  • Expert working knowledge of security tools (e.g. SIEM, NetFlow, IDS/IPS, endpoint solutions, DLP).
  • Advanced technical knowledge of operating systems, network services, applications, and security logging.
  • Experienced in common SOC programming languages (e.g. Python, PowerShell, PERL, Splunk SPL).
  • Experienced in Security Orchestration, Automation, and Response and User Behavior Analytics tools.

Ability to read and comprehend simple instructions, short correspondence, and memos.  Ability to write simple correspondence.  Ability to effectively present information in one-on-one and small group situations to customers, clients, and other employees of the organization.

PHYSICAL REQUIREMENTS

Individual will be required to use computer keyboards or other equipment for extended periods of time. Individual may be required to sit or stand for extended periods of time. Specific vision abilities required for this job include; close vision for reading and studying technical materials, and use of computer monitor screens a great deal of the time. Specific physical abilities required by the job may include walking, reaching, carrying, and lifting up to 25 lbs with some occasional lifting up to 50lbs.

WORK ENVIRONMENT

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job.  Individual’s primary workstation is located in the office area, with some time spent on the manufacturing floor.  The noise level in the work environment ranges from low to moderate.

This job cannot be performed remotely in the state of Colorado.
Image 17 (1)

¿No estás listo para aplicar? ¡Únase a la red profesional de Jabil!

Más información sobre las próximas oportunidades profesionales y eventos Jabil

Únete ahora