Job Description

Job Description Summary:
Secure the enterprise cloud infrastructure and perform ongoing enterprise information security threat monitoring and remediation, including monitoring and detecting malicious activity. Contribute to the design and development of the Azure and Microsoft 365 security architecture for data and infrastructure. Influence the security vision and strategy around cloud-based applications (including Infrastructure, Platform, and Software as a Service (IaaS/PaaS/SaaS)). Align cloud security strategy with business goals. Aid in the prevention of data thefts, unwanted deletion of data, and data breach incidents.

The ideal candidate will be familiar with a variety of cloud security concepts, practices, and procedures, and rely on experience and judgment to plan and accomplish goals.

The anticipated hiring salary range: $95k - $100k

COMPREHENSIVE BENEFITS PACKAGE:
Health coverage on day one, dental, vision, employer paid life, LTD, flexible benefits plan, miscellaneous voluntary plans available, paid vacation and sick (accruing upon hire), paid holidays, paid discretionary day, paid bereavement leave, paid jury duty leave, military leave, paid parental leave, retirement plan.
Job Description:
The Cloud Security Engineer (CSE) will secure the enterprise cloud infrastructure and perform ongoing enterprise information security threat monitoring and remediation. The CSE will contribute to the design and development of the Azure and Microsoft 365 security architecture for data and infrastructure. The CSE will influence the security vision and strategy around cloud-based applications (including Infrastructure, Platform, and Software as a Service (IaaS/PaaS/SaaS)).

The CSE will aid in the prevention of data thefts, unwanted deletion of data, and data breach incidents and will oversee the strategic, operational, and tactical aspects of cloud security.

The CSE’s responsibility will also include monitoring and detecting malicious activity once the system is deployed.

The CSE will be responsible for aligning cloud security strategy with business goals and working towards finding the optimum balance between information security risks and controls while enabling the business.

Key Roles and Responsibilities:

Identify and Implement:

Identify and mitigate cloud security risks, threats or weaknesses within the existing cloud infrastructure and solutions.
Recommend investments in solutions or changes in work processes that enhance cloud security.
Involvement with the implementation and advancement of a continuous monitoring environment and security controls related to cloud risk.
Involvement in the implementation and advancement of KUMC’s adverse incident response plan.
Based on business requirements, design, develop, and implement cloud-native security architectures and designs that allow those requirements to be met with a minimal degree of risk and with appropriate security controls present.
Analysis/Actions:

Identify cloud security design gaps in existing and proposed architectures and recommend changes or enhancements.
Perform root cause and impact analysis of events that may be a risk to KUMC’s cloud environment.
Conduct postmortem reviews of adverse incidents related to KUMC’s cloud environment, to ensure that actions are appropriate, gaps are identified, and procedures are updated and understood by team members.
Develop and maintain cloud security strategy and architecture which aligns with business goals.
Documentation:

Create documentation on specific remediation steps to close vulnerabilities or mitigate risk to acceptable levels.
Create technical documentation so other team members or peers may use for reference.
Develop and maintain cloud security architecture artifacts (e.g., baselines, models, templates, standards, and procedures) to be used to leverage cloud security capabilities in projects and operations.
Revise and/or update documentation and artifacts to identify and address newly emerging tactics, trends, and techniques.
Compliance / Policy / Process

In conjunction with the Office of Compliance, monitor and assure compliance that is related to federal and state laws and regulations, and University policies and practices.
Develop and implement audit plans for assessing cloud security risks within the KUMC community.
Demonstrated level of integrity and judgment concerning privacy issues, and the ability to maintain a well-reasoned, objective, and independent point of view.
Contribute to the annual employee information security compliance training.
Communicate/Collaborate:

Represent Information Security as a senior technical representative while engaging with other senior technical leaders throughout organization in design and implementation of cloud and cloud/hybrid-based implementations and solutions, including the external teams at Kansas University and the University of Kansas Health System.
Provide detailed cloud security consulting and reporting to executives, clients, business owners, and technical experts across the enterprise.
Establish and maintain effective partnerships with the various teams and KUMC communities, to evangelize and educate about cloud security priorities, methodologies, awareness, and compliance across the organization.
Lead or participate in related committees and coordinate security efforts across the organization to identify key cloud security initiatives and standards.
Coordinates with enterprise architects and information architects to ensure new cloud services align to roadmaps and to understand the impact on the organization’s information architecture.
Other tasks and responsibilities on an ad-hoc or project basis.
Required Qualifications

Graduation from a four-year college or university with a degree or major course work in computer science, telecommunications, networking, engineering, or other related technical fields. Four-year degree can be substituted with eight years of experience.
Seven years of progressive work experience in information technology
4 years’ experience with information security
3 years’ experience utilizing and securing Microsoft Azure cloud computing or Microsoft 365 environments.
Experience with managing and implementing technical solutions that require involvement from multiple team members across the organization.
Certified Cloud Security Professional (CCSP) or similar Cloud certification (candidates not certified will be expected to achieve certification within 12 months of hire).
Must be available for 24/7 on call-support.
Preferred Qualifications

Master’s degree in a related technical area.
Related work experience in a higher education or academic health organization.
Knowledge of and experience implementing technical aspects of compliance standards\regulations such as HIPAA, Gramm-Leach-Bliley, PCI DSS, etc.
Knowledge of and experience implementing an information security framework based on either ISO 17799, NIST 800-30, CObIT, etc.
3 years’ experience utilizing and securing other cloud computing environments. (Ex: AWS and GCP)
Experience with DevSecOps and application security.