Senior Network and Cloud Security Analyst

Company: Walker & Dunlop
Location: Bethesda
Posted on: January 15, 2021

Job Description:

Ready to bring your whole self to work every day? At Walker & Dunlop, we didn---t get to where we are by hiring ordinary individuals. We got here by hiring the exceptional WD is looking for individuals who are caring, collaborative, driven, insightful, and tenacious to join our teamIf you are looking to join a growing information technology team, the below opportunity may be for you.This position serves as a leader in Information Security. Primarily responsible for designing and implementing a security architecture and processes for the company---s network and cloud environment, including Azure, GCP, AWS, and cloud applications. Works with other departments to define secure baseline standards for the network, cloud environment, automation, making practical recommendations to reduce risks, and then help realize the change, as well as prevention and remediation of security vulnerabilities using existing or new solutions. Provides leadership and helps mentor other team members.Serves as Tier II escalation for security events. Responsible for security program maturity efforts, strategic thinking, and initiatives related to network and cloud security. Conducts research into current security threats and makes recommendations to counter. Analyzes, plans, designs, and implements security solutions for information security assurance.What you will be doing:Lead and manage security projects Design and implement network segmentation in hybrid environments Assess, design, implement, automate, and document security solutions and processes for Amazon Web Service (AWS), MS Azure, GCP, SaaS applications and other cloud platformsDirect tasks and develop milestones for Information Security projects in support of Information Security goals in line with the Company's direction Work with end users on secure best practices in Infrastructure as Code, cloud design patterns and CI/CD with built in application security controls Work with key areas of business and IT to develop baseline network, cloud, container, and application security standards and integrate into the CI/CD pipeline Implement and automate ---security as code--- using cloud services and CI/CD components as necessary Design security architecture, methods, and controls required to meet security, compliance, and audit requirementsDevelop, review, and update a library of technical documentationDevelop metrics and provide regular reports to senior managementSet requirements and direct managed security service providers (MSSPs) to ensure that they are appropriately managing the services to provide security to the companyWork with Audit and Compliance to evaluate, select, and implement appropriate cybersecurity frameworks and controls to support company's security, governance, risk, and privacy requirementsParticipate in security audits and formulate a plan of action and milestones to mitigate vulnerabilitiesEstablish security baselines using best practices such as CIS benchmarks. Work with other teams to test and implement security baselines into operating systems, infrastructure, and cloud environmentsMaintain thorough understanding of new developments and techniques in cybersecurity, privacy, and complianceRepresent Information Security in disaster recovery procedures and exercisesEnsure that disaster recovery procedures comply with security requirements and proceduresIn the event of an outage, assist with the execution of corporate disaster recovery planLog and update all security incidents in the company---s ticketing system and update management regularly on the threats, mitigation plans, and statusWork within established configuration and change management policies to ensure awareness, approval, and success of changes introduced to the network and cloud infrastructureEstablish processes to perform regular reviews of security configurations of operating systems, infrastructure, and cloud environmentsDevelop vulnerability management processes and manage the process remediate the vulnerabilities. Establish a process to escalate when vulnerabilities cannot be remediated in a timely mannerReview security notifications from the company---s vendors to determine which vulnerabilities would cause an impactManage Syslog platform to include configuration of rules, alerts, and inclusion of all networked devices. Review Syslog data daily and provides regular reports to management on incidents and responsesProvide 24/7 on-call support for security incidents related to network systems and infrastructureCommunicate and problem-solve daily with teammates, clients, vendors, and other stakeholders, often in combination with travelOther skills related to building a career in network and cloud securityThe education and experience we---re looking for:Bachelor---s degree in computer science or related field or equivalent technical or professional experience related to the design, installation, security, and maintenance networks and cloud architectureMinimum seven years of experience in a network support role with an emphasis on network or application security, especially network segmentation Significant technical experience in Cloud Computing technologies and automation (HashiCorp, Terraform, Ansible, Cloudformation, etc.) Significant technical experience in at least 3 of the following: Networking, Firewalls, IPS, Python, Bash, Azure, GCP, AWS, REST APIs Experience in DevOps environments working with and influencing developers to maintain security through CI/CD processes Proficient and up to date with Azure, GCP, and AWS Hands on experience with Azure Resource Manager, GCP Deployment manager, and AWS CloudFormation Experience with the development, deployment, and automation of security solutions in an enterprise cloud-based environment Knowledge of network based, system level, and application layer attacks and mitigation methods Experience extracting pertinent security data from SIEM solutions, audit logs, and reports Knowledge of technical security control environments and compliance frameworks including NIST Cloud Security Frameworks, CSA CCM, ISO 27017 Experience with or understanding of a broad range of security technologies relating to security baselines, network security, network segmentation, cloud security, and infrastructure hardeningExperience with forensics is a plusExperience with vulnerability management systems is a plusIndustry certifications are a plusWhat skills you should have:Extensive knowledge of TCP/IP and networking principles as well as how packets workExtensive knowledge of security best practices as they relate to policies and procedures, configuration, and implementationExtensive knowledge of cloud environments including security, configuration, and managementExpert knowledge of Windows operating systems including Windows 10, Server 2016, and othersExpertise in creating, maintaining, and deploying group policies to Windows PCs and servers to maintain compliance with security best practicesPossess strong analytical skills and an ability to identify complex network issuesPossess strong interpersonal, organizational, customer service, and communication skills and an ability to interact effectively with a wide range of users of varying levels of technological expertiseMust have documentable knowledge of cloud architecture, networks, security, network planning, and analysisDemonstrated experience implementing security policies and proceduresMust work well within a deadline-driven environmentFamiliarity with Linux operating systemsAbility to lift 50lbsAbility to show ownership of your work, take on challenges and acknowledge growth opportunities, and demonstrate patience when learning new processesCourtesy, respect, and thoughtfulness in teaming with colleagues and other stakeholdersStill reading? Then we think you should applyEEO StatementWalker & Dunlop is an equal employment opportunity employer and does not discriminate based on race, color, national origin, religion, gender identity, sexual orientation, sex, age, disability, veteran or military status, genetic information, or any other characteristic protected by applicable law.SPAMPlease be wary of recruitment scams. An indication of a scam might be a request for sensitive or bank information at the time of application or emails coming from a non walkerdunlop.com email address. Please call us at 301.215.5500, if you have any concerns about information requested during or after the application process.Job SummaryRequisition Number: SENIO02413Job Category: Information TechnologySchedule: Full-Time

Keywords: Walker & Dunlop, Bethesda , Senior Network and Cloud Security Analyst, Professions , Bethesda, Maryland