Cloud Security Engineer

Tenable is more than ‘just’ the creator of Nessus. Our security solutions - including the first cloud-based platform, Tenable.io - are transforming global vulnerability management. We’re a global team, powered by creative thinkers who are wired for action, focused on delivering results and collaborating to enable decisive actions to protect what matters most. We’re in this together - colleagues, customers and partner communities working as One Tenable.

Tenable is looking for a Cloud Security Engineer to join our Product Security and Cloud Operations team to help keep the Tenable.io platform secure. The Cloud Security Engineer at Tenable is a hands-on role that requires a high degree of technical security expertise within the AWS ecosystem. The person is responsible for security related tasks, including the implementation and day-to-day administration of Information Security solutions, and optimizing configurations for effectiveness and to reduce false positives. Primary responsibilities include performing assessments of security architecture, making practical recommendations to reduce risks, and then help realize the change. The Engineer must have experience in prevention and remediation of security vulnerabilities within AWS using existing or new solutions. The individual in this position interacts closely with personnel from other functions in Information Security, Cloud Ops, R&D, and Product Management. The candidate will be responsible for leading security program maturity efforts and initiatives in cloud operations. The candidate is responsible for working with the Product and Information Security team to help establish and maintain cloud security processes and ensure that security issues are identified and addressed. The candidate is responsible for producing metrics to measure the effectiveness of the program. The candidate will also be working with the Cloud Ops/DevOps teams and other business units on projects.

* Assess, design, implement, automate, and document security processes and solutions leveraging Amazon Web Service (AWS) and other third-parties * Design architecture, methods, and controls required to meet security, compliance, and audit requirements * Proactively stay current with developments in relevant technologies * Create and share unique ways to solve challenges with others * Deploy security solutions in cloud environments * In-depth knowledge of VPCs, Security Groups, and ACLs * Monitor system logs, SIEM tools and network traffic for unusual or suspicious activity * Must have experience extracting pertinent security data from SIEM solutions and AWS audit, logs, and reports * Investigate and resolve security violations by providing postmortem analysis to illuminate the issue, and identify causes, possible solutions, and preventative measures * Develop procedures to automate security tasks during code builds and deployments * Develop program quality metrics as both program performance indicators and enterprise risk indicators * Respond to and, when appropriate, resolve or escalate security incidents * Report unresolved security exposures, misuse of resources, and noncompliance situations using defined escalation processes. * Assist and train team members in the use of cloud security tools and the resolution of security issues * Develop and maintain documentation for security systems and procedures * Collaborate with the Ops team to build infrastructure and servers on AWS * Mentor Cloud Engineers

**What you'll need:** * Minimum 2 years of experience as a Cloud Security Engineer * Solid understanding of Amazon Web Services (AWS) including VPC, ELB, IAM, KMS, EC2, Config, CloudTrail, CloudFormation, Lambda, and others * Knowledge of network based, system level, and application layer attacks and mitigation methods * Knowledge of technical security control environments and compliance frameworks including CSA CCM, ISO 27017 * Experience in DevOps environments and maintaining security in CI/CD processes * Experience with the development, deployment, and automation of security solutions in an enterprise cloud based environment * Experience with a broad range of security technologies including, SAST, DLP, IDS/IPS, IAM, Certificate Management, etc * Experience working with container technology including Docker and Kubernetes * Knowledge of AWS automation strategies and tools * Strong knowledge of technology and security topics including network and application security, infrastructure hardening, security baselines, web server, and database security * Ability to clearly and effectively communicate concerns, issues to other teams * Experience in developing, documenting, and maintaining security procedures * Proficient in AWS CLI, Bash, and Python **And ideally:** * Bachelor's Degree in Computer Science, Engineering, or other Engineering or Technical discipline or equivalent relevant experience * Any recognized security and cloud specific certifications, e.g., CCSP, SSCP, CISSP, CCSK * Knowledge of BC & DRP programs including risk assessment, BIA, remediation, and staging exercises * Working proficiency with work tracking systems such as JIRA and project management solutions * Understanding of FEDRAMP, SSAE16 SOC 2, PCI DSS