Open Position: Cloud Security Consultant

Department: Engineering
Location: Bellevue, WA
Date Open: 2018-2-17

Apply Now

* When applying please include your resumé and cover letter.

Job Description

Summary Job Description:

Position Summary:

The Cloud Security Consultant is a FT role where as a NCA employee you partner with colleagues, vendors and clients in a consultative role.   You will work with our clients in the design and implementation of security solutions within a Cloud environment. The Cloud Security Consultant is responsible for delivering a myriad of cloud deployment scenarios, services, and technology while ensuring solutions are secure and compliant.

Primary Job Responsibilities:

  • Engage with Customers in the design and implementation of cloud and cloud-security projects and initiatives
  • Promote awareness of applicable security policies and standards and implement or coordinate remediation required by audits, as necessary
  • Know and evaluate current policies to provide risk analysis, input to vulnerability testing and security reviews
  • Execute activities related to cloud control compliance assessment design, execution, and service workflow (scoping, evidence collection, reporting, process metrics, process improvement, and QA)
  • Provide assessments over applications in one or more Public, Private or Hybrid Cloud environment(s)
  • Provide technical assistance in the selection, configuration, and maintenance of cloud security solutions
  • Research, learn and evaluate new technologies to solve problems, close gaps or improve functionality and operations
  • Understand business drivers and processes to evaluate risk and recommend solutions with a balanced result

Basic Qualifications:

  • 4+ years of information security or IT audit or IT compliance experience
  • 3 years of practical cloud information security experience
  • 2+ years of program and project management experience; Expert project/program management and prioritization skills - ability to manage multiple priorities and work effectively in a fast-paced, high volume, results driven environment
  • 1-3 years of experience in technical security controls assessments
  • Experience in information management and information technology security design and implementation
  • Demonstrated experience in creating conceptual, logical and physical security diagrams
  • Thorough understanding of vulnerabilities and countermeasures
  • Experience planning and executing security control assessments involving complex systems
  • Extensive knowledge and experience with diverse IT architectures and enterprise IT data centers, external hosted services and cloud computing environments
  • Knowledge and experience with physical and virtual server configurations and implementations
  • Experience working with cloud technologies (AWS, Azure & Google, etc) and security products (Skyhigh & Avanan)
  • Knowledge of configuration management, change control/problem management integration, risk assessment and acceptance, exception management and security baselines
  • Excellent written and verbal communication skills including reporting
  • Practical use and understanding of advanced security protocols and standards

Preferred Qualifications:

  • External audit (e.g., Big Four) and /or internal audit (e.g., Fortune 500)
  • Deployment and Installation of SkyHigh Networks and Avanan Solutions

Required Education:

  • BS degree in Computer Science, MIS, Computer Engineering, Risk Management or Information Assurance or 5+ years’ equivalent technology experience or related work experience with a different 4 year degree