Cloud Security Engineer Lead
Vertiv
- Cluj-Napoca, Cluj
- Permanent
- Full-time
- Design, deploy, and manage our cloud-based SIEM platform, ensuring comprehensive visibility into security events, alerts, and logs across all cloud services and applications.
- Analyze disparate security events, alerts, and logs collected by the SIEM to derive concise and meaningful insights into potential threats and vulnerabilities.
- Execute advanced threat hunting and analysis operations within our cloud environments, leveraging the SIEM platform to identify and mitigate sophisticated cyber threats.
- Lead the development and implementation of incident response (IR) frameworks tailored to cloud environments, incorporating an understanding of computer forensics.
- Apply knowledge of malware, emerging threats, and attack patterns to enhance threat detection and mitigation strategies within the SIEM platform.
- Ensure the integrity and confidentiality of security information through proper chain of custody and control procedures, documenting all procedures and findings.
- Oversee the development and standardization of information security reporting within the SIEM platform, providing actionable insights to IT and security teams.
- Utilize scripting skills in Python and/or R to automate security analysis and reporting tasks within the SIEM environment.
- Identify security coverage gaps in cloud environments and develop prioritized remediation plans based on SIEM insights.
- Conduct technical security assessments and policy reviews to identify vulnerabilities or non-compliance issues within cloud services and applications.
- Stay abreast of security industry trends and emerging threats, providing recommendations on new SIEM features, technologies, and practices to enhance our cloud security posture.
- Provide training and mentoring to team members on the effective use of the SIEM platform and best practices in cloud security monitoring and incident response.
- Demonstrated expertise in security engineering with a focus on cloud technologies and SIEM platforms.
- 7+ years of experience in information security operations, with significant experience in cloud security and SIEM solutions.
- Bachelor's Degree in Computer Science, Information Science, or a related field.
- Relevant security certifications such as CISSP, GCIH, GCFE, CISA, CISM, or specific certifications related to cloud security and SIEM technologies (e.g., AWS Certified Security, Microsoft Certified: Azure Security Engineer Associate, Certified Splunk Architect).
- Proven experience in building or engineering security solutions for cloud platforms and services.
- Strong understanding of cloud networking concepts and familiarity with major cloud infrastructure providers (AWS, Azure, Google Cloud).
- Proficiency in scripting languages such as Python or R for security data analysis and automation.
- Familiarity with common cybersecurity frameworks and standards (CIS, CMMI, NIST, ISO) as they apply to cloud environments.
- Excellent verbal and written communication skills, with the ability to convey complex security information clearly and concisely.
- Strong analytical, organizational, and research skills, with a proven ability to solve complex problems and make data-driven decisions.