Cloud Security Engineer

life insurance, sick time, 401(k), retirement plan

May 15, 2025

For the automation side we're looking for some one with considerable experience with advanced scripting in object-oriented languages like Python, Powershell, etc. Preferably in a Devops like capacity, but we'll take the advanced scripting over Devops experience.
* Minimum 5 years' experience with emphasis on cloud security and system administration.
* Deep understanding of network security best practices, including securely establishing connections to on-prem and cloud resources based on a zero-trust model.
* Hands on experience with network traffic analysis using tools including wireshark, tcpdump, and netflow data.
* An in-depth knowledge of network protocols.
* Proficient with scripting in languages such as Python and PowerShell.
* Proficiency in [Wiz.io](https://wiz.io/) toolset.
* Strong experience with Kubernetes architecture and security.
*Description*
Overview:
This position is a new role within the Enterprise Information Security Group (EISG) and is expected to provide technical expertise in our platform security program at American Financial Group. This is an advanced role within the team and will be a key resource in assuring the secure posture of numerous platforms. The successful candidate will possess advanced administrative and troubleshooting skills, and be knowledgeable about architecture, engineering and design policies and principles.
Along with security leadership and security architecture this role will continually assess the threat landscape and adapt quickly to protect the business from risk. They must be highly technical and possess at least 5-7 years' experience in security and system administration across a wide variety of local / cloud infrastructures and platforms, including software as a service (SaaS), infrastructure as a service (IaaS), and platform as a service (PaaS), as well as Kubernetes. This role will interface often with other business units and require strong listening and communication skills.
Responsibilities:
Primary Job Responsibilities will include:
*Develop and maintain secure platform security policies in our Cloud Security Posture Managment tool.
*Help develop rich vulnerability and remediation strategies for platform security incidents.
*Protect key infrastructure in compliance with privacy, security, business resiliency, and compliance frameworks as defined.
*Conduct rigorous oversight of security systems and security configuration administration to reduce risk to enterprise systems and accounts.
*Work with key stakeholders to ensure proper best practices are being considered as key platforms are deployed.
*Document, formulate and enforce areas of security improvement that balance risk with business operations and do not diminish efficiencies or innovation.
*Build relationships with infrastructure and development groups to incorporate security principles into engineering design and deployments.
*Develop partnerships with IT production and engineering teams.
*Analyze and implement recommendations for security best practices and improvements to cloud infrastructure.
*Design and implement extensible and maintainable enterprise grade solutions using existing toolsets.
*
*Develop high-quality technical content including automation tools, reference architectures, and baselines to help our partners build on the work we deliver.
*Attend and fully engage in change and project management meetings.
*Mentor and invest in the development of team members.
*Performs other duties as assigned.
Qualifications:
*College degree in technology / sciences or equivalent work experience.
*Minimum 5 years' experience with emphasis on cloud security and system administration.
*Deep understanding of network security best practices, including securely establishing connections to on-prem and cloud resources based on a zero-trust model.
*Hands on experience with network traffic analysis using tools including wireshark, tcpdump, and netflow data.
*An in-depth knowledge of network protocols.
*Proficient with scripting in languages such as Python and PowerShell.
*Proficiency in Wiz.io toolset.
*Strong experience with Kubernetes architecture and security.
*Detailed understanding of interacting with APIs.
*Hands on experience with DevOps tools and practices, including CI/CD pipelines, containerization, and infrastructure as code (IaC).
*Understanding of NIST, OWASP, CIS, CVSS, the MITRE ATT&CK framework and the secure software development lifecycle.
*Experience with operations and security across Amazon Web Services (AWS) Microsoft Azure, and Kubernetes.
*CCSK, CCSP, CISSP or equivalent security credential preferred.
*Strong communication skills required.
*Collaborate across a wide audience of stakeholders regarding business objectives, priorities, and impact of proposed changes.
*Ability to think both strategically and tactically and be recognized as a thought leader within the security group.
*Experience with public cloud VM/Storage architectures such as EC2, S3 and EBS..
*Familiarity with DevOps tools such as Terraform, Nexus Repository Manager, Git/Stash, Jenkins, VMware vRealize Automation (or VCD), Packer, Vagrant, Docker, Sonar.
*Motivated Self-starter, problem solver.
*Skills*
Kubernetes, Wiz.IO, Python
*Additional Skills & Qualifications*
*Detailed understanding of interacting with APIs.
*Hands on experience with DevOps tools and practices, including CI/CD pipelines, containerization, and infrastructure as code (IaC).
*Understanding of NIST, OWASP, CIS, CVSS, the MITRE ATT&CK framework and the secure software development lifecycle.
*Experience with operations and security across Amazon Web Services (AWS) Microsoft Azure, and Kubernetes.
*CCSK, CCSP, CISSP or equivalent security credential preferred.
*Strong communication skills required.
*Collaborate across a wide audience of stakeholders regarding business objectives, priorities, and impact of proposed changes.
*Ability to think both strategically and tactically and be recognized as a thought leader within the security group.
*Experience with public cloud VM/Storage architectures such as EC2, S3 and EBS..
*Familiarity with DevOps tools such as Terraform, Nexus Repository Manager, Git/Stash, Jenkins, VMware vRealize Automation (or VCD), Packer, Vagrant, Docker, Sonar.
*Motivated Self-starter, problem solver.
*Pay and Benefits*
The pay range for this position is $65.00 - $80.00/hr.
Eligibility requirements apply to some benefits and may depend on your job
classification and length of employment. Benefits are subject to change and may be
subject to specific elections, plan, or program terms. If eligible, the benefits
available for this temporary role may include the following:
* Medical, dental & vision
* Critical Illness, Accident, and Hospital
* 401(k) Retirement Plan - Pre-tax and Roth post-tax contributions available
* Life Insurance (Voluntary Life & AD&D for the employee and dependents)
* Short and long-term disability
* Health Spending Account (HSA)
* Transportation benefits
* Employee Assistance Program
* Time Off/Leave (PTO, Vacation or Sick Leave)
*Workplace Type*
This is a fully remote position.
*Application Deadline*
This position is anticipated to close on May 28, 2025.
About TEKsystems and TEKsystems Global Services

We're a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We're a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We're strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We're building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com.

The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

Helping all candidates find great careers is our goal. The information you provide here is secure and confidential.

We are now directing you to the original job posting. Please apply directly for this job at the employer’s website.