Cloud Security Engineer - TEKsystems

Description

Cloud Security Engineer – Integration Modernization Initiative

Duration: Initial 12 months (with potential for extension)

Executive Summary

The Integration Modernization initiative aims to enhance this client's capabilities by modernizing existing systems, optimizing processes, and enabling seamless communication across various platforms, focusing on a move to Google Cloud Platform (GCP). As part of this effort, we will integrate a range of tools and technologies, including TIBCO, APIGEE, Kafka, and additional integration platforms (TBD) over the next 12 months.

Scope of Work

The Cloud Security Engineer will work closely with the Integration Modernization team to design, implement, and monitor security measures across various integration tools. They will ensure the integrity, confidentiality, and availability of data as it flows between systems. The security engineer will also assist in defining policies and best practices for integrating TIBCO, APIGEE, Kafka, and any future tools. This role will involve both strategic planning and tactical implementation.

Key responsibilities include:

1 Security Assessment and Risk Management:

◦ Conduct security risk assessments for integration tools (TIBCO, APIGEE, Kafka, etc.)

◦ Identify and mitigate potential vulnerabilities in cloud-based architectures.

◦ Ensure proper encryption and key management protocols are in place.

2 Architecture and Design:

◦ Collaborate with solution architects to design secure integration architectures, ensuring proper authentication, authorization, and data protection across the platforms.

◦ Work with cross-functional teams to integrate security into DevOps pipelines, CI/CD workflows, and API lifecycle management.

3 Tool and Platform Security:

◦ Ensure security configurations of TIBCO, APIGEE, Kafka, and other integration tools are aligned with industry standards and organizational policies.

◦ Manage security integrations with identity management systems.

4 Monitoring and Incident Response:

◦ Set up continuous monitoring for security events and anomalies across the integration platforms.

◦ Respond to security incidents and provide remediation guidance in the event of breaches or vulnerabilities.

5 Compliance and Auditing:

◦ Ensure compliance with relevant industry standards and regulations (e.g., GDPR, HIPAA, SOC 2, etc.) for the tools and services in use.

◦ Conduct regular audits of security controls and recommend improvements as needed.

6 Documentation and Knowledge Transfer:

◦ Maintain up-to-date security documentation for each platform transferring monitoring and incident response to the Security Operations Center.

◦ Conduct knowledge transfer sessions for the wider IT and security teams to ensure ongoing security practices are followed.

Resource Justification

The integration modernization initiative is crucial for maintaining competitive advantages and supporting the company’s strategic goals. As the organization adopts new cloud-based tools and integrates multiple platforms, securing these technologies is critical to minimizing risks associated with data breaches, cyberattacks, and regulatory non-compliance.

Given the breadth of tools involved, including TIBCO, APIGEE, and Kafka, a dedicated Cloud Security Engineer is required to ensure that security considerations are fully embedded into every phase of the integration process. Their expertise will not only safeguard the organization's assets but will also promote efficiency by proactively addressing potential security gaps before they evolve into major issues.

Skills and Experience Required

The ideal candidate will have a combination of the following skills and experience:

Technical Skills:

• Cloud Security Expertise: Experience securing cloud-based architectures, including AWS, Azure, or Google Cloud.

• Integration Platforms: Deep knowledge of integration tools such as TIBCO, APIGEE, and Kafka with a focus on security.

• API Security: Expertise in securing APIs using industry-standard protocols (OAuth 2.0, OpenID Connect, JWT, etc.).

• Network Security: Knowledge of securing microservices, messaging systems, and network communication in hybrid and multi-cloud environments.

• Identity and Access Management (IAM):Experience implementing IAM solutions for integration platforms, including SSO, RBAC, and MFA.

• DevSecOps: Familiarity with CI/CD pipelines and automating security controls within development processes.

Experience:

• 5+ years in cloud security or security engineering, with at least 2 years of direct experience securing integration technologies.

• Experience working in large-scale enterprise environments, particularly in industries where security and compliance are critical.

Skills

Security, Cloud, Information security, Cyber security, google cloud

Top Skills Details

Security,Cloud,Information security,Cyber security,google cloud

Pay and Benefits

The pay range for this position is $75.00 - $80.00

• Medical, dental & vision
• Critical Illness, Accident, and Hospital
• 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available
• Life Insurance (Voluntary Life & AD&D for the employee and dependents)
• Short and long-term disability
• Health Spending Account (HSA)
• Transportation benefits
• Employee Assistance Program
• Time Off/Leave (PTO, Vacation or Sick Leave)

Workplace Type

This is a hybrid position in Bolingbrook,IL.

Application Deadline

This position will be accepting applications until Jan 17, 2025.

About TEKsystems:

We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.