Cloud Security Specialist
LUXOFT is one of the major software services companies worldwide. We deliver professional software services in multiple business verticals such as finance, automotive, and digital transformation. Supporting large vehicle manufacturers in the area of development, production and aftersales is LUXOFT's ambition. The software inside a vehicle was traditionally expected to be a very controlled and self-contained environment. Bringing cars into an "always online" mode changes a lot in the overall picture of the vehicle manufacturer. LUXOFT's goal is to empower our customers with deep domain knowledge and smart solutions, to develop cars of the future. Great mechanical engineering is not the only criteria anymore for delivering the best cars in the world. Using state of the art software technologies are key to provide the requested user experience.
Within a team of experts, you are supporting a premium car manufacturer in Germany to define the foundation service for their cloud projects. From billing to technology stack to infrastructure, you support in different areas with your know-how and experience.
As a Cloud Security Specialist you will be responsible for identifying and developing cybersecurity controls across resources, network and data to identify and mitigate threats. Additionally, your tasks will be to build, automate and maintain solutions to raise the security level of the platform leveraging pre-existent and custom made products. Such solutions will be related to Logging and Monitoring, Identity and Access Management, Threat Monitoring, Vulnerability Assessment, Security Design and many more.
Demonstrated experience designing, developing, administering, and/or maintaining the security of cloud environments such as AWS, MS Azure; Extensive comprehension of cloud network architecture as well as network security; Experience in designing and implementing security related standards, specifications and procedures; Familiarity with cloud auditing security tools (e.g. Scout Suite, Prowler, Security Monkey, Cloud Custodian,Black Duck etc.) as well as AWS or MS Azure auditing security tools; Strong experience in building and deploying Infrastructure as Code using AWS CloudFormation, Azure Resource Manager, etc. Experience with scripting languages such as: Python, Bash, PowerShell. Experience in version control systems such as: Git, Bitbucket, etc. Knowledge of Cloud Security Alliance (CSA) Cloud Controls Matrix. Knowledge of data security requirements in the cloud aligned with FISMA, CJIS, PCI, HIPAA, NIST, FedRAMP, GDPR or other security compliance standards.
Experience with SIEM solutions (e.g. Splunk, etc.) Capability of building and deploying applications on the Cloud, using CI/CD frameworks such as: Ansible and Jenkins Experience with defining frameworks for validating and executing audits of Cloud security implementations Cloud security certifications (e.g. CCSP, Cloud+, AWS Certified Security, etc.0 Security certifications (e.g. CISSP, OSCP, CEH, etc.) Cloud certifications (e.g. AWS, Azure, Google)