Senior Cloud Security Engineer
Company: Discount Tire Corporate Careers
Posted on: January 13, 2022
Here at Discount Tire, we celebrate the spirit of our people
with extraordinary pride and enthusiasm. Our business has been
growing for more than 60 years and now is the best time in our
history to join us. We are opening more locations every year and we
are always looking for qualified individuals to join us in our
growth. We are a company that promotes from within, both in our
retail and corporate operations.
Under minimal supervision, the Senior Cloud Security Engineer will
design, deploy, and manage security technologies and modern
automation tools for the enforcement of Discount Tire security
controls across private and public cloud service platforms. This
role will serve as a subject matter expert on cloud security and be
an integral member of the organization's security and risk team.
The role includes collaborating with software development teams,
cloud engineering teams, and business teams to enhance and deploy
industry best practices and cyber security solutions.
Essential Duties and Responsibilities:
--- Design, implement, and maintain custom and native cloud
security services in a large-scale hybrid multi-cloud cloud
--- Develop new automation, orchestration and configuration
management tools and workflows to accelerate the secure migration
to, and adoption of, public cloud services.
--- Collaborate with security architecture and engineering, cloud
platform engineering and operations teams to design and deploy
adequate security controls to align with business strategies and
--- Manage Discount Tire x.509 PKI services, certificate lifecycle
management solutions, native cloud cryptographic solutions, and SSH
key management (e.g. SCEP, ACME).
--- Manage and configure Discount Tire Cloud Security Posture
Management (CSPM) platform and Cloud Workload Protection (CWPP)
configurations to align with NIST, CIS, ISO 27001, ISO 31000, and
Cloud Security Alliance (CSA) security standards.
--- Collaborate with software development teams in the deployment
of automated "Shift Left" and DevSecOps capabilites for
vulnerability scanning of opensource packages, libraries, and
containers, microservices, and serverless functions in the Jenkins
CI/CD pipeline. To include infrastructure-as-code (IaC) scanning
into CloudFormation and Kubernetes manifests.
--- Manage the CSPM integrated vulnerability management dashboard
to bring visibility of the Discount Tire multi-cloud technical
security debt. Generate a reporting dashboard for compliance and
--- Configure and tune cloud web application firewalls (WAF), DDOS,
and BOT protection policies and services.
--- Collaborates with Security Operations Center with the
development of Enterprise Splunk security event management and
alerting on SaaS / cloud hosting provider security events.
--- Participate in the standards development and implementation of
applicable security and enterprise architecture standards.
--- Ensure that accurate design diagrams, system configurations,
process design documentation, operating procedures and application
integration documentation is delivered and maintained.
--- Coordinate with SOC and Splunk administration team to configure
remote API log collection for cloud services and SaaS
--- Provide support to Security and Network Operations Team,
knowledge transfer and serve as escalation point for Tier III and
--- Completes work in a timely and accurate manner while providing
exceptional customer service.
--- Other duties as assigned
--- Minimum 5 years demonstrated experience in cloud security
domains and/or IT security engineering experience.
--- Deep technical knowledge of Amazon Web Services, Azure,
Salesforce and Google cloud platforms.
--- Strong understanding of SaaS services and application workload
security in the context of cloud services design.
--- Stong background in systems engineering with Windows server and
Linux (RHEL) Apache, SAP Hybris, MySQL, Tomcat, and native cloud
--- Stong knowledge of network and web related protocols (TCP/IP,
UDP, IPSEC, HTTP, HTTPS, routing protocols).
--- Experience with mobile application and device security posture
--- Demonstrated proficiency to automate/script daily tasks through
Java, JSON, Python, Bash, or equivalent.
--- 4 years' experience / knowledge of LDAP/AD directory services,
cloud identity federation services, OIDC/OAuth2, and SAML2 single
sign on technologies.
--- Solid understanding of x.509 PKI services, certificate
lifecycle management, native cloud cryptographic solutions, SSH key
management (e.g. SCEP, ACME).
--- In-depth understanding of software development process, DevOps,
Jenkins CI/CD, and BitBucket.
--- Good oral, interpersonal, and written communication skills, and
the capability to explain current threats to cloud infrastructure
and/or IT infrastructures at technical and managerial levels.
--- Ability to build relationships and operate within a
collaborative team environment.
--- The ability to work efficiently and accurately in highly
collaborative team environment under pressure, meet deadlines,
present a professional demeanor and work well independently is
--- In addition, troubleshooting, organizational and
problem-solving skills with a can-do attitude and the ability to
adjust to changing requirements are essential.
--- Maintaining confidentiality, treating others with respect and
upholding Company values is key.
--- This position requires BA/BS Computer Science degree,
Information Security or related field or equivalent work experience
may be substituted.
--- Security certification(s) desired (e.g., CEH, CCSP, CISSP,
GIAC, etc.) or obtainable within 12 months.
--- Cloud certification(s) desired.
--- A Master's degree highly preferred.
Normal work days are Monday through Friday. Occasional Saturdays
and Sundays may be necessary.
Normal work hours are between 7:00 a.m. to 5:00 p.m. Occasional
overtime (more than forty hours per week) may be necessary.
Keywords: Discount Tire Corporate Careers, Scottsdale , Senior Cloud Security Engineer, Engineering , Scottsdale, Arizona
Didn't find what you're looking for? Search again!