Apply on Employer Site

Alarm.com · 3 days ago

Security Engineer

Tysons Corner, VA

Full-time

Onsite

Mid Level

3+ years exp

Alarm.com is the leading cloud-based platform for smart security and the Internet of Things. The Cloud Security Engineer will support the security of cloud environments across AWS, GCP, and Azure, assist in identifying and mitigating security risks, and work with various teams to incorporate security into the software development lifecycle.

InternetInternet of ThingsSecurityWireless

Culture & Values

No H1B

Responsibilities

Experience or familiarity with cloud security or engineering in public cloud providers AWS, GCP, and Azure

Assist in evaluating, reviewing, and deploying cloud native security tools in AWS and Azure

Support in monitoring, configuring rules, and enforcement using cloud security platforms such as CNAPP, CSPM, CWPP, CASB and CIEM

Assist in utilizing the Wiz tool for cloud security posture management, including configuration analysis, vulnerability detection, and compliance monitoring

Support in selecting and acquiring additional security solutions or enhancements to existing security solutions to improve overall enterprise security

Assist in determining, monitoring, and maintaining our security posture, in collaboration with the Engineering team

Support in overseeing and managing the deployment, integration, and configuration of security solutions and any enhancements to existing security solutions and the enterprise’s security documents

Collaborate with development, operations, and security teams to integrate security into all phases of the software development lifecycle

Assist in developing and maintaining threat models for cloud environments and help train engineering teams to develop attacker/risk-driven design skills

Actively partner with infrastructure, application, and other stakeholders to ensure deployed solutions minimize security and privacy risks

Assist in recommending actions/practices to management to ensure compliance with security and regulatory requirements in decision-making processes

Suggest actions to mitigate risk in any activity that potentially impacts the security of existing IT and information management

Assist in crafting responses to client and partner security questionnaires

Other duties as assigned

Qualification

Cloud SecurityAWSGCPAzureCISSPCISAOSCPPythonInfrastructure as CodeCommunication SkillsAttention to DetailTeam Collaboration

Required

B.A. or B.S. in Computer Science or a similar engineering program, or equivalent experience

3-5 years of Cloud Information Security experience, with a focus on public cloud providers such as AWS, GCP, and Azure

Must stay up to date on the latest cloud security advisories, alerts, and vulnerabilities

Strong verbal and written communication skills for a highly collaborative environment

Attention to detail and focus on quality of deliverables

Proven team experience and comfort in a team-oriented environment

Passion for working with cloud technology and excitement for creating high quality, secure consumer technology products

Preferred

AWS Security, CISSP, CISA, OSCP or other information security certification is a plus

Experience in performing security reviews of cloud application designs, source code and deployments is beneficial

Familiarity with AWS services like EC2 & ECS, WAF & VPC configuration & IAM rules, and cloud security platforms such as CNAPP, CSPM, CWPP, CASB, CIEM is beneficial

Familiarity with Infrastructure as Code (IaC) tools like Terraform/CloudFormation is a plus

Comfortable with Python and able to read Java when necessary, with an emphasis on cloud security scripting and automation