Cyber Command Cloud Security Engineer

New York, United States | Posted on 04/22/2025

New York, NY 10038 (Hybrid – 3 days onsite / 2 days remote)

Note: Candidates with State, City, or Federal experience are required.

• Each candidate must submit a government-issued ID (Driver’s License or Passport) and provide three professional references (names, official emails, and phone numbers).

Job Description:

The City of New York – OTI is seeking a Cyber Command Cloud Security Engineer to work within its Cloud Security & Enterprise Cyber Defense team. This individual will be responsible for designing and implementing identity assurance, cloud security hardening, privileged access management, and data loss prevention strategies in both cloud and on-premises environments. The role involves engaging with City Agencies and private sector partners to strengthen cybersecurity posture across all systems.

Specialty Areas:

1. Cloud Security & Identity Management – Implement and manage IAM, PAM, CASB, SSE, and cloud security controls.
2. Risk Assessment & Compliance – Conduct cybersecurity risk analysis and develop strategies to mitigate agency-specific threats.
3. Security Engineering – Deploy security frameworks for Zero Trust, Data Loss Prevention, and identity governance.
4. Telemetry & Monitoring – Collect and process telemetry and event data across platforms for threat monitoring.
5. Collaboration & Documentation – Work with multiple stakeholders and maintain detailed security documentation.

Responsibilities:

1. Conduct organization-wide cybersecurity risk assessments and communicate findings.
2. Develop and implement strategies for identity and cloud security.
3. Manage cloud-based technologies including Azure, AWS, and Google Cloud environments.
4. Design and deploy CASB, SSE, and DLP tools for proactive security enforcement.
5. Translate compliance requirements into enforceable security controls.
6. Guide teams on secure infrastructure design (“secure by default”).
7. Monitor and resolve security vulnerabilities; enforce cloud security standards.
8. Create cybersecurity metrics and reporting for leadership updates.
9. Lead implementation of Zero Trust and Identity Governance policies.
10. Work with incident responders and stakeholders to drive security solutions.

Skill Matrix:

1. Information Security – 12+ years
2. IT Infrastructure, Middleware, Architecture – 8+ years
3. Cloud Security (Azure, AWS, GCP) – 4+ years
4. IAM, PAM, SAML, MFA, TLS/SSL – 8+ years
5. CASB, SSE, DLP – 4+ years
6. Security Telemetry & Event Data Tools – 4+ years
7. Windows, Linux, or MacOS Administration – 4+ years
8. EDR/XDR and Cloud Security Tools – 4+ years
9. Scripting (Python, Bash, PowerShell) – Required
10. Vulnerability & Application Scanning Tools – Required
11. Strong Documentation & Collaboration Skills – Required

Mandatory Requirements:

1. Bachelor’s degree in Computer Science, Information Systems, or related field.
2. Minimum 12 years of experience in information security.
3. At least 8 years in infrastructure, architecture, and IT operations.
4. Minimum 4 years of experience in cloud environments (Azure, AWS, GCP).
5. Familiarity with security frameworks, Zero Trust, DLP, SSE, and telemetry tools.

Preferred Qualifications:

1. Experience with PAM solutions, SASE/CASB products (NetSkope, Zscaler, etc.).
2. Familiarity with MS Entra AD, Defender for Office, Skyhigh Cloud.
3. Understanding of CIS Controls and secure software development lifecycle.
4. Experience with Log aggregation tools (Syslog-NG, LogScale/Humio).
5. Strong understanding of endpoint security, configuration, and asset management.
6. Excellent analytical, problem-solving, and communication skills.

Submission Requirements:

• Three professional references (Names, official emails, phone numbers)