Topeka, KS, 66625, USA
11 days ago
Senior Cloud Security Engineer(remote)
**Become a part of our caring community and help us put health first** The Senior Cloud Security Engineer ensures that cybersecurity policies are engineered and deployed in cloud environments to meet compliance requirements. They automate cloud security controls to minimize and reduce threats, vulnerabilities, and risks. They ensure that cross-functional business processes are in place for cloud security control engineering and implementation, with proper visibility and approvals. The engineer begins to influence departmental strategy, makes decisions on moderately complex to highly complex issues regarding technical approaches for project components, and performs work without direction. They exercise considerable latitude in determining objectives and approaches to assignments. **Join our team as a Senior Cloud Network Security Engineer!** We are looking for an experienced professional with expertise in managing **GCP Next-Generation Firewalls (NGFW)** , **Azure Network Security Groups (NSGs)** , and the **Prisma Cloud security suite** . This role focuses on securing multi-cloud environments by automating security policies using **Infrastructure as Code (IaC)** with **Terraform** , while leveraging **Prisma Cloud** tools to ensure comprehensive workload protection and compliance. **Use your skills to make an impact** **Responsibilities** + Deploy and provide operational support for **hierarchical NGFW policies** in **GCP** using security tags, and automate configurations using **Terraform** and **DevOps principles** . + Manage and troubleshoot **Azure Network Security Groups (NSGs)** at scale, using **Terraform** to automate deployment, updates, and scaling of security rules across multiple environments, ensuring continuous network protection and performance. + Ensure all infrastructure changes are deployed through **CI/CD pipelines** using **Terraform modules** , following best practices for **DevSecOps** . + Develop and implement security policies, standards, and procedures for cloud-based applications and infrastructure employing **Prisma Cloud’s** comprehensive security solutions, including **Workload Protection (Compute)** , **Cloud Security Posture Management (CSPM)** , and **Code Security** modules. + Integrate robust code security measures and scanning capabilities into **CI/CD pipelines** and other cloud workflows using **IaC** . + Implement and manage enterprise security policies using **Prisma CSPM’s** advanced capabilities, including preventive guardrails and automated remediations, to ensure proactive measures are in place. + Leverage **IaC** and **CI/CD** to seamlessly deploy, patch, and upgrade Prisma Cloud and cloud-based security systems. + Configure vulnerability items, misconfigurations, and other alerts in **Prisma Cloud** , actively assisting stakeholders with timely remediation efforts. + Assist the **SOC** and **Cyber Defense & Response Team** during security incidents, involving timely configuration changes to Prisma and frequent participation on major incident bridges. + Manage user access in **Prisma portal** based on least privilege roles, and provide operations training and support, as needed. + Participate in a **24/7 on-call rotation** to ensure rapid incident response, maintaining operational integrity and minimizing downtime across enterprise systems. **Required Qualifications** + **Bachelor’s Degree** in Computer Science, Information Technology, Cybersecurity or related field. + **7+ years of experience** supporting and implementing **multi-cloud security solutions** with a focus on **GCP** and **Azure** , including configuration, deployment, troubleshooting, and ongoing maintenance. + **3+ years of direct, hands-on experience** with **GCP network access control** and **Azure NSGs** , leveraging **IaC automation** (Terraform) for efficient and secure cloud operations. + Proficiency in deploying and managing **NGFW policies** using **security tags** and **hierarchical firewall rules** within **GCP** . + Strong ability to manage and troubleshoot **Azure NSGs** , leveraging **Terraform** for automation and scaling. + Experience implementing security policies via **IaC** using **Terraform** and managing deployments through **Azure DevOps (ADO)** and **GitHub Actions** . + Expertise in **DevSecOps** and **shift-left** principles, actively ensuring security risks and misconfigurations are addressed early in the development process. + Ability to work in a **24x7 on-call rotation** , triage incidents, and participate in **incident bridges** with senior leadership teams (SLT). + Proven experience in **incident response** and security operations, including assisting the **SOC** during critical events. + Capable of providing training and guidance to team members on cloud security best practices. **Preferred Qualifications** + **Certification in Prisma Certified Cloud Security Engineer (PCCSE)** and/or **Palo Alto Networks Systems Engineer** — **Prisma Cloud Associate** desired. + Additional certifications such as **CISSP** , **CCSP** , **Security+** , or relevant tracks for **Azure** and **GCP** . + Advanced experience with **Terraform** and managing large-scale IaC automation through **CI/CD pipelines** . + Experience implementing and managing **Policy as Code (PaC)** in cloud environments, including **Azure Policy** , **GCP Organizational Policy** , or **HashiCorp Sentinel** . + Familiarity with **Agile methodology** , including **Scrum** and **Kanban** frameworks. + Proficiency with **scripting languages** such as **PowerShell** , **Python** , **YAML** , and **Bash** . + Experience troubleshooting **Linux** environments using tools like **cURL** , **tcpdump** , **netstat** , etc. Remote/WAH requirements: + WAH requirements: Must have the ability to provide a high speed DSL or cable modem for a home office. Associates or contractors who live and work from home in the state of California will be provided payment for their internet expense. + A minimum standard speed for optimal performance of 25x10 (25mpbs download x 10mpbs upload) is required. + Satellite and Wireless Internet service is NOT allowed for this role. + A dedicated space lacking ongoing interruptions to protect member PHI / HIPAA information **Scheduled Weekly Hours** 40 **Pay Range** The compensation range below reflects a good faith estimate of starting base pay for full time (40 hours per week) employment at the time of posting. The pay range may be higher or lower based on geographic location and individual pay will vary based on demonstrated job related skills, knowledge, experience, education, certifications, etc. $104,800 - $144,300 per year This job is eligible for a bonus incentive plan. This incentive opportunity is based upon company and/or individual performance. **Description of Benefits** Humana, Inc. and its affiliated subsidiaries (collectively, “Humana”) offers competitive benefits that support whole-person well-being. Associate benefits are designed to encourage personal wellness and smart healthcare decisions for you and your family while also knowing your life extends outside of work. Among our benefits, Humana provides medical, dental and vision benefits, 401(k) retirement savings plan, time off (including paid time off, company and personal holidays, volunteer time off, paid parental and caregiver leave), short-term and long-term disability, life insurance and many other opportunities. **About us** Humana Inc. (NYSE: HUM) is committed to putting health first – for our teammates, our customers and our company. Through our Humana insurance services and CenterWell healthcare services, we make it easier for the millions of people we serve to achieve their best health – delivering the care and service they need, when they need it. These efforts are leading to a better quality of life for people with Medicare, Medicaid, families, individuals, military service personnel, and communities at large. **Equal Opportunity Employer** It is the policy of Humana not to discriminate against any employee or applicant for employment because of race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability or veteran status. It is also the policy of Humana to take affirmative action to employ and to advance in employment, all persons regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, age, marital status, genetic information, disability or protected veteran status, and to base all employment decisions only on valid job requirements. This policy shall apply to all employment actions, including but not limited to recruitment, hiring, upgrading, promotion, transfer, demotion, layoff, recall, termination, rates of pay or other forms of compensation and selection for training, including apprenticeship, at all levels of employment. Humana complies with all applicable federal civil rights laws and does not discriminate on the basis of race, color, national origin, age, disability, sex, sexual orientation, gender identity or religion. We also provide free language interpreter services. See our https://www.humana.com/legal/accessibility-resources?source=Humana_Website.
Confirm your E-mail: Send Email