青岛招聘

Job Description

The Cloud Security Engineer will be providing the highest quality of security engineering solutions to Xylem Xcloud clients. The Cloud Security Engineer will be help design, implement, assess, and deploy cyber solutions.  This role is primarily focused on threat protection and enhancing the security of the cloud environment. This includes responsibility for day-to-day activities, security operations and the information security of the LAN, WAN, VPCs, and server infrastructure in our NA data centers and AWS. The Cloud Security Engineer will be responsible for development, implementation and maintenance of security solutions, including the ongoing assessment, tracking of and adherence to required security policy, guidelines and best practices across the customer solutions computing environment and will execute security policy, processes, procedures and protocols for networks and monitoring and will be responsible for keeping current with related security technology trends applicable to the environment. We are looking for someone with a strong background in security engineering and a proven ability to deliver under pressure in a 24/7 supported operations environment.

 

Duties and Responsibilities

• Provide subject matter expertise in Cloud technologies and support security documentation by providing SME input into policy, standards, and guidelines

• Conceive new solutions to problems and take them through rapid prototyping, validation, iterative development and continuous test and deployment.

• Design and implementation of security technology solutions related specifically to security requirements of cloud hosted systems

• Design, architect, and implement network security features and functionality such as network access controls, inbound and outbound traffic filtering and monitoring, subnetting for isolation, etc

• Research, evaluate, design, test, recommend, and implement network security tools such as proxy servers, IDS/IPS tools, DDoS prevention tools, etc.

• Research emerging technologies in support of operational security control implementation and enhancements
• Administer network security and computing devices/systems that enforce security policies and controls in the Xylem/Sensus cloud environments
• Support a wide range of security technologies including, but not limited to: SIEM, NIDS/IPS, HIDS, malware  analysis and protection, logical access controls, identity and access management, data loss prevention, content filtering technologies, application firewalls, vulnerability scanners, LDAP, forensic analysis software and security incident response
• Respond to external audits, penetration tests and vulnerability assessments

• Develop a library of deployable and documented cloud design scripts, processes, and procedures

• Perform project leadership tasks on select security projects

 Skills and Competencies

• Experience with cloud management tools such as AWS Config, Cloudtrail, Cloudwatch, Systems Manager, Trusted Advisor, WAF, etc.

• Experience with Cyber-Ark, TrendMicro Deep Security, SafeNet/Gemalto Authentication, Tenable Security Center, Nessus Scanner, Passive Vulnerability Scanner, ArcSight SIEM, ArcSight Logger, Twistlock, Sumo Logic.

• Experience with build/deployment tools and related environmental artifacts (such as Salt, Chef, Jenkins, Jira, Subversion and Git)

• Proven project management and organizational skills, specifically managing  multiple concurrent projects

• Experience securing and supporting MongoDB, CouchDB or Cassandra

• Understand how to design and implement security tests in accordance with stated criteria

• Superior analytical, problem solving and decision making skills, applied with a solution-focused attitude
• Excellent written communication skills, demonstrating the ability to write with purpose, clarity, and accuracy
• Strong  self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance and professionalism

• Experience with the Atlassian Tools (Jira, Confluence, Bitbucket)

• Excellent teamwork skills

Requirements

• 3 or more years of experience with the secure design and deployment of systems using cloud service

• 3 or more years of experience with AWS security services, including: IAM, CloudWatch, CloudTrail, KMS, and/or Inspector

• 3 or more years of experience designing, developing and/or deploying security tools and technologies for cloud architectures

• High degree of comfort using containerization technology, minimally including Docker and Kubernetes

• Proficient with one or more of the following: C/C++, Java, JavaScript, Python

• Must have solid background with Linux, Windows OS and network security

• Proficiency with firewalls and rule reviews, IDS/IPS (Network and Host level), vulnerability assessment tools, DLP, Wireless IDS/IPS, sniffers, TCP/IP protocol stack and the OSI layer, content management and filtering systems, VPN, remote access AAA, application white listing, password management/vaults, log management and correlation, and device/application hardening requirements

• Senior-level working knowledge of AWS tools including: VPCs, security groups, EC2, Route53, IAM, KMS, S3, CloudFormation, CloudWatch, Shield, WAF, etc.

• Proficiency in vulnerability management. Specifically with Nessus, Security Center, Tenable.io

• Experience with configuration management and automation (Terraform, Jenkins, DSC, Ansible, etc.)

• Proficient with OpenStack, Google Cloud Platform, Azure and/or IBM Cloud

• Experience maintaining unified security solutions across disparate cloud technologies, accounts, services, and landscapes

Certifications and Education 

• Bachelor’s Degree in Information Systems, Computer Science, Computer Engineering, Information Security or related field required.

• Required: Certified Information Systems Security Professional (CISSP)

• Any of the following a plus: CISA, CEH, CSSLP, CHFI, CCSP, GCIH, GCIA, GSEC, AWS Certifications (Security, Developer, DevOps Engineer, etc), PMP

 

Key traits for success in this role

• Flexible: Adjusts job responsibilities to accommodate changing priorities while managing multiple tasks and projects
• Composed: Remains calm under pressure, relates in a professional manner with colleagues throughout the organization at all times
• Organized: Demonstrates strong organizational and time management skills, attention to detail and accuracy, and punctuality
• Team-oriented: Takes ownership of assigned tasks and projects while supporting and assisting other team members
• Work ethic: Confidential, empathetic and diplomatic in all interactions; anticipates varying inquiries; demonstrates good instincts; adapts to changing priorities and manages expectations accordingly

2014 Xylem Boilerplate

About Xylem
Xylem (XYL) is a leading global water technology provider, enabling customers to transport, treat, test and efficiently use water in public utility, residential and commercial building services, industrial and agricultural settings. The company does business in more than 150 countries through a number of market-leading product brands, and its people bring broad applications expertise with a strong focus on finding local solutions to the world’s most challenging water and wastewater problems. Xylem is headquartered in Rye Brook, N.Y., with 2013 revenues of $3.8 billion and more than 12,500 employees worldwide. Xylem was named to the Dow Jones Sustainability World Index for the last two years for advancing sustainable business practices and solutions worldwide.

The name Xylem is derived from classical Greek and is the tissue that transports water in plants, highlighting the engineering efficiency of our water-centric business by linking it with the best water transportation of all -- that which occurs in nature. For more information, please visit us at ****************.

关于赛莱默公司

Xylem（XYL）是全球领先的水技术供应商，专注于水输送、水处理和水测试领域，帮助市政、民宅和商业建筑业、工业及农业等行业客户实现科学用水。该公司目前在全球 150 多个国家开展业务，运用其多项名牌产品和员工的专业应用知识和经验，提供各种本地化解决方案，致力解决世界***的用水及污水处理问题。该公司总部设在美国纽约州白滩市，2013年业务收益为 38 亿美元，在全球拥有约 12,500 名员工。Xylem凭借在全球范围内开展和推动可持续业务活动及解决方案，连续两年荣登道琼斯可持续发展指数榜。

公司名称 Xylem 取自古希腊语，原义是植物中输送水份的组织，寓意此公司对水事业的追求，表现我们运用堪与大自然造化能力媲美的世界***的工程技术实现水的输送。****************