Senior Cloud Security Engineer (AWS Specialist)

Who are we?

We are The Motley Fool a purpose-driven financial information and services firm with nearly 30 years of experience focused on making the world smarter happier and richer. But what does that even mean?! It means we’re helping Fools (always with a capital “F”) demystify the world of finance beat the stock market and achieve personal wealth and happiness through our products and services.

The Motley Fool is firmly committed to diversity inclusion and equity. We are a motley group of overachievers that have built a culture of trust founded on Foolishness fun and a commitment to making the world smarter happier and richer.  However you identify or whatever winding road has led you to us please don't hesitate to apply if the description above leaves you thinking 'Hey! I could do that!'

What would you do in this role?

We are looking for a seasoned Cloud Security Engineer with 5+ years of focused experience in AWS infrastructure to lead our cloud security initiatives. The ideal candidate will have a profound understanding of AWS services and solutions Infrastructure as Code (IaC) expertise in using Terraform. The successful candidate will be pivotal in refining our cloud security frameworks ensuring our data and infrastructure's security confidentiality and availability. This role requires a proactive approach towards the cloud security process working in close collaboration with our CloudOps team and other technical teams to integrate and enhance security measures across all aspects of our cloud infrastructure.

But what does this role actually do?

• Take full ownership of the cloud security process working with teams on design to implementation and management focusing on a secure scalable and robust AWS infrastructure using Terraform and other IaC tools.

• Lead the analysis development and enforcement of AWS Security Group Policies ensuring secure network environments and compliance with all regulations.

• Spearhead infrastructure vulnerability scans identify security threats and champion the development and implementation of preventative measures.

• Drive the selection implementation and management of Endpoint Detection and Response (EDR) solutions maintaining vigilance against cybersecurity threats.

• Facilitate a seamless collaboration with the CloudOps and other technical teams to weave security best practices into the fabric of our cloud operations.

• Keep abreast of the latest in security threats vulnerabilities and control techniques advising on security enhancements as necessary.

• Initiate and oversee security projects including cloud security architecture reviews and risk assessments and develop comprehensive security guidelines and procedures.

• Offer technical leadership and security awareness training to team members and stakeholders fostering a strong security culture within the organization.

What do you need to apply?

• A minimum of 5+ years of dedicated experience in AWS services and solutions

• Management & Governance - CloudFormation CloudTrail Management Console Service Manager

• Networking - VPC Network Firewall Firewall Manager Cloud Map PrivateLink VPN

• Security Identity & Compliance - Detective GuardDuty Inspector Verified Permissions Certificate Manager CloudHSM Key Management Security Hub

• Expertise in Infrastructure as Code (IaC) and hands-on experience with Terraform.

• Demonstrable experience in analyzing designing and implementing AWS Security Group Policies.

• Familiarity with DevSecOps practices and tools

• Solid understanding of cloud architecture network security and data protection principles.

• Proficiency in conducting infrastructure vulnerability scans and working with EDR solutions.

• Skilled in scripting languages (e.g. Python Bash) for automating security tasks.

• Knowledge of compliance frameworks and standards such as ISO 27001 SOC 2 NIST 800 GDPR and CCPA.

• Exceptional problem-solving abilities capable of tackling complex security issues with innovative solutions.

• Outstanding communication and team collaboration skills essential for working effectively across departments.

It’s even better if you have…

• Prior development experience

• Experience with Docker and Kubernetes

• SentinelOne EDR solution implementation & management

• ZScaler Private Access and VPN solution implementation & management

• RunZero Tenable Nessus implementation & management

• Wiz

• ArmorCode

• Jira

Our targeted cash compensation for this role is between $160000 and $185000 which does not include any potential equity offerings. Below you’ll see a few of our perks but check out this site for the complete list:

• No “vacation policy” (not to be confused with a “No vacation” policy)

• Paid maternity paternity and pet-ernity leave

• $1000 to invest when you start

• Super low premiums for medical dental and vision coverage

• Comprehensive compensation package including company equity

Please note no sponsorship is available for this position. You must reside in or be willing to relocate to one of these states for employment: California Colorado Florida Louisiana Maryland Massachusetts New Jersey New York North Carolina Oregon Pennsylvania South Carolina Tennessee Texas Virginia Washington DC and Wisconsin.