• Cloud Security Operations Specialist

    CTG Springfield, IL 62762

    Job #2314080532

  • Cloud Security Operations Specialist

    United States

    New

    Information Technology

    About an hour agoPost Date

    22202302Requisition #

    Apply for JobShare this JobSign Up for Job Alerts

    Cloud Security Operations Specialist

    TikTok is the leading destination for short-form mobile video. Our mission is to inspire

    creativity and bring joy. TikTok has global offices, including Los Angeles, New York, London,

    Paris, Berlin, Dubai, Mumbai, Singapore, Jakarta, Seoul, and Tokyo.

    The Global Security Organization provides industry leading security and privacy services to

    ByteDance globally. Our organization uses four principles that guide our strategic and tactical

    operations. First, we champion trust and transparency, leading the charge in organizational

    transparency and execution of security and privacy capabilities that drive customer trust.

    Second, we are a business catalyst and enabler, embodying the DNA of technical innovation.

    Third, we drive risk informed and empowered decision making, giving our business leaders the

    information needed to make key decisions. Finally, we proactively identify and reduce risk

    while enabling innovative product development.

    Job Description: Cloud Security Operations Specialist

    As a part of the Principal Security Operations Engineers team within the Business Operations

    team, you will be a part of the Security Operations team responsible for Enterprise Defense

    Operations and Platform Management, Hosting Platform Defense Operations, and Global

    Security Technology Operations. The Security Operations teams primary focus is management

    of security and defense platforms, technologies, tools, and services supporting security

    controls across TikToks environments. As the Cloud Security Operations specialist, you will be

    responsible for supporting the Cloud Security Operations lead along with cross-functional

    cyber, privacy, and data protection engineers, architects, and analysts to deploy, integrate, and

    manage, technologies to support the security and protection of data in accordance with

    relevant geographical regulations, contractual commitments, and confidentiality

    requirements.

    In your capacity as a key contributor, you are part of a team that manages the design,

    engineering, and deployment of tools and technologies to monitor our global cloud

    infrastructure footprint to validate data inventory, access and protection, and security of our

    vast infrastructure of data center, SaaS, and IaaS. This will include servicability and continuing

    improvement of technology platforms, technologies, and services as well as collaboration with

    your team as they manage operational configuration updates to security tools and validate

    effectiveness. Further, you and your team will create a strategy for the control environment to

    enable and protect TikToks infrastructure, technologies, and services. This will entail

    understanding requirements, designing controls, and ultimately managing the on-going

    operation of those controls.

    The candidate must be skilled in assessing current state of various cloud environments against

    industry best practices, identifying functional and technical requirements for cloud security

    tooling, implementing cloud-native and third party security solutions in a multi-cloud

    environment, and conducting analysis on cloud related threats, incidents and other general

    security-related issues. The candidate must also have the ability to communicate well,

    participate in coordinating response and defensive actions over a variety of security

    disciplines, and disseminate security information as appropriate in support of TikToks critical

    business, go to market, and operational infrastructure needs.

    Tasks and Responsibilities:

    Support the development and execution of enterprise-wide Cloud • security program

    • Define and manage security controls for a multi-cloud architecture

    • Configure, maintain, deploy, and write rules in Cloud security tools

    • Design and implement 3rd party and cloud-native tooling to meet defined requirements

    • Develop standard operating procedures and trainings for each technology

    Architect and continuously improve security technology stack, process and procedures,

    support model and cross-function interactions utilizing automation where possible

    Review and investigate alerts generated from Cloud security tools and escalate as

    appropriate

    • Review and assess utilization of Cloud security tooling

    • Promote and drive adoption of Cloud security tooling across the enterprise

    • Partner across the Security Operations team to respond to cybersecurity incidents

    • Develop and report Cloud security coverage metrics and remediation plans

    Define procedures to validate the effectiveness of the design, deployment, and

    management of security controls that aim to maintain confidentiality, integrity, and

    availability of Cloud networks and technology platforms

    Knowledge and Skills:

    Minimum Qualifications:

    3-5 years of experience operating with at least one cloud provider, preferably GCP, AWS, or

    Oracle

    At least one associate level cloud certification (AWS solutions architect, GCP Associate

    Cloud Engineer, etc.)

    • Strong understanding of:

    Cloud security industry standards and best practices (CSA CCM, CIS ? benchmarks, etc.)

    ? Linux, MacOS, and Windows internals

    Operating and maintaining tools across Cloud security technology stack (CSPM, CWPP,

    SASE, CASB, CIEM, Cloud native features like GuardDuty, etc.)

    ?

    • Working proficiency with at least one scripting language (Python, Javascript, Java, etc.)

    Bachelors’ Degree or industry equivalent work experience in cybersecurity, international

    security architecture, and/or engineering in a converged security program

    Demonstrated ability to quickly assimilate new information and remain current on new

    developments in cybersecurity capabilities and industry knowledge

    • Capable of creating technical documentation

    • Excellent analytical and problem-solving skills

    Works well under pressure within time/budget constraints to solve problems, adjust quickly

    to shifting priorities, and make decisions with limited information

    • Demonstrated teamwork and collaboration skills

    • Highly motivated to contribute and grow within a complex area of emerging importance

    Ability to communicate technical concepts to a broad range of technical and non-technical

    staff

    Preferred Qualifications:

    CISSP, SSCP, CAP, CCSP, CISM, CSX-P or applicable experience in the Information Security

    field

    Experience designing/developing/implementing cloud security tools (CIEM, CSPM, CWPP,

    IaC scanning, SASE, CASB, etc)

    Professional level cloud certifications ( AWS Solutions Architect - Professional, AWS Certified

    Security, Google Certified Professional Cloud Architect, etc.)

    • Ability to visualize and integrate cloud specific data and alerts with other security systems

    Advanced hands-on experience using one or more programming/scripting languages (e.g.,

    Python, Go, Java, etc.)

    • Experience in a multi-cloud or hybrid cloud environment

    • Working knowledge of SecDevOps and Shift Left concepts

    Technical knowledge of Kubernetes and Docker technologies and associated security

    requirements (Kubernetes, Docker, etc.)

    Familiarity with source code management and CI/CD tools (e.g., Github, Bitbucket, Jenkins,

    Artifactory, etc.)

    Familiarity with securing data across SaaS and IaaS cloud platforms (e.g., AWS, Google

    Cloud Platform, Azure, Oracle Cloud)

    Familiarity with securing data across multiple database technologies (e.g., MySQL, Redis,

    Hive)

    In-depth experience • in the following:

    ? Metadata management

    ? Asset management

    ? Change management

    ? Microservice architecture

    ? Data leakage/content monitoring and filtering

    ? Cloud access security broker

    ? Configuration of web application firewalls

    • Be able to handle ambiguity and collaborate with a global team

    • Be comfortable communicating with business executives and technical teams

    CTG is a leading provider of digital transformation solutions and services that accelerate clients' project momentum and achievement of their desired IT and business outcomes. Our vision is to be an indispensable partner to our clients and the preferred career destination for digital and technology experts. CTG has operations in North America, South America, Western Europe, and India. For more information, visit ~~~.

    Our culture is a direct result of the people who work at CTG, the values we hold, and the actions we take. In other words, our people are the culture. It's a living, breathing thing that is renewed every day through the ways we engage with each other, our clients, and our communities. Part of our mission is to cultivate a workplace that attracts and develops the best people, reflected by our recognition as a Great Place to Work-certified company across many of our global operations.

    CTG will consider for employment all qualified applicants including those with criminal histories in a manner consistent with the requirements of all applicable local, state, and federal laws.

    CTG is an Equal Opportunity and Affirmative Action Employer. CTG will assure equal opportunity and consideration to all applicants and employees in recruitment, selection, placement, training, benefits, compensation, promotion, transfer, and release of individuals without regard to race, creed, religion, color, national origin, sex, sexual orientation, gender identity and gender expression, age, disability, marital or veteran status, citizenship status, or any other discriminatory factors as required by law. Our Affirmative Action program serves to promote occupational equality and diversity through good faith efforts. CTG is fully committed to promoting employment opportunities for members of protected classes.

    Additional Information

    • Job Function: Information Security

    • Education Level: Bachelor's Degree (±16 years)

    • Work Remote: Yes

    • Travel: No

  • You Can Also Try Searching