Join Our Winning Team as a Cloud Security Engineer
Isn't it time you bragged about where you work? At CARFAX, we do, every day. We pride ourselves on being mission-focused on helping to grow a brand built on accuracy and integrity. We care deeply about our products and our customers. We're more than just a company: We help millions of consumers make more-informed decisions every day. We know that our teammates are our most valuable asset, and we value a balanced life while tackling challenging projects in a fast-paced environment. One last thing: Our four-day week continues in Summer 2024!
The Cloud Security Engineer role will play a pivotal role in safeguarding our organization's information systems, networks, and data assets from cyber threats. The successful candidate will join a team of talented security professionals, implement robust security measures, and contribute to the development and enhancement of our overall cybersecurity strategy.
At CARFAX, we believe in the power of teamwork and value in-person interactions so that we can collaborate and thrive together. This position will require 3 days per week in our Centreville, VA office subject to change with future business needs.
What you'll be doing:
Engineer and maintain security solutions in a dynamic private and public cloud environment
Secure applications and infrastructure in a large multi-account AWS Organization
Conduct detailed assessments of systems, applications, and infrastructure to ensure they are appropriate, secure, and defensible based on least privilege
Respond to and mitigate security incidents (ex. threat hunting, event analysis, investigations, post-incident analysis, etc.)
Develop and implement security strategies and policies to protect the organization's cloud assets
Integrate security tools into SIEM and SOAR platforms to feed to security operations
Serve as a subject matter expert and provide expertise on topics related to cloud security
Enhance enterprise security posture to better protect against attacks and detect new threat vectors
Assess and analyze security risks, recommending and implementing measures to mitigate identified risks
Self-organize and prioritize activities independently.
Create and maintain documentation and perform status reporting.
What we're looking for:
Bachelor of Science degree in Computer Science, Information Assurance, or a related field with a minimum of 5 years hands-on experience in a security engineering role
Industry relevant professional certifications including but not limited to: CISSP, CCSP, GIAC Cloud Security Automation (GCSA), GIAC Cloud Penetration Tester, (GCPN), SANS GIAC Public Cloud Security (GPCS), CCSK, AWS Solutions Architect - Associate, AWS Solutions Architect - Professional, AWS Certified Security - Specialty
Strong understanding of security in core AWS services (EC2, ECS, Lambda, IAM)
Strong understanding of serverless technologies and security implications deployed in public cloud - AWS Lambda, Containers (ECS Fargate, EKS)
Experience in engineering cloud security guard rails in AWS/Azure
Expertise in securing container images at rest, build, and runtime
Experience with Key Management - Privileged account management solutions in the cloud for key management, service account and secrets management, rotation, and event response, including tools such as Secret Server (Thycotic), Vault (HashiCorp), Cloud KMS, or similar tool set
Ability to communicate with different levels of leadership conveying risk and driving urgency for risk remediation
Ability to mentor and train team members to work effectively and securely in the cloud
Highly preferred to have:
Hands-on experience implementing security tools into CI/CD pipelines
Experience with web application security and penetration testing
Experience with Identity and Access Management (IAM) and Privileged Access Management (PAM) solutions
Experience with various virtualization and cloud technologies including on-prem virtualization, SaaS, PaaS, & IaaS
Experience with both Windows & Linux based operating systems
Knowledge of risk management and NIST Cybersecurity Framework controls
Working knowledge with automation and monitoring platforms
Experience operating security training and awareness programs
What's in it for you:
Competitive compensation, benefits and generous time-off policies
4-Day summer work weeks and a winter holiday break
401(k) / DCPP matching
Annual bonus program
Casual, dog-friendly, and innovative office spaces
Don't just take our word for it:
10X Virginia Business Best Places to Work
9X Washingtonian Great Places to Work
9X Washington Post Top Workplace
St. Louis Post-Dispatch Best Places to Work
About CARFAX
CARFAX, part of S&P Global Mobility, helps millions of people every day confidently shop, buy, service and sell used cars with innovative solutions powered by CARFAX vehicle history information. The expert in vehicle history since 1984, CARFAX provides exclusive services like CARFAX Used Car Listings, CARFAX Car Care, CARFAX History-Based Value and the flagship CARFAX Vehicle History Report to consumers and the automotive industry. CARFAX owns the world's largest vehicle history database and is nationally recognized as a top workplace by The Washington Post and Glassdoor.com. Shop, Buy, Service, Sell - Show me the CARFAX . S&P Global Mobility is a division of S&P Global (NYSE: SPGI). S&P Global is the world's foremost provider of credit ratings, benchmarks, analytics and workflow solutions in the global capital, commodity and automotive markets.
CARFAX is an Affirmative Action/Equal Opportunity Employer. It is the policy of CARFAX to provide equal employment opportunity to all persons regardless of race, color, sex, pregnancy, religion, national origin, age, ancestry, citizenship status, veteran status, military status, disability or handicap, sexual orientation, genetic information or any other status protected by federal, state or local law. In addition, CARFAX will provide reasonable accommodations for qualified individuals with disabilities. We maintain a drug-free workplace. We are a participant in E-Verify.