CNAPP Security Engineer Mid Atlantic region

About the Role

The role of a CNAPP Security Engineer is multifaceted, requiring a deep understanding of cloud security principles, technologies, and best practices. Day-to-day, you will be working with multi-account AWS and Azure environments, implementing and managing cloud security tools, and collaborating with customers to identify and mitigate potential threats. Being part of a growing team, you will have the opportunity to contribute to the development of new security practices and protocols, further enhancing GuidePoint Security's reputation as a leader in cybersecurity.

Given the remote nature of this position, strong communication and organizational skills are essential. Although the role is open to remote work, candidates living in the Mid-Atlantic region are highly preferred due to the potential need for occasional in-person meetings or collaborations.

What You Will Do

• Implement CNAPP and CSPM tools in complex, multi-account AWS and Azure environments, ensuring seamless integration and maximum security.
• Develop and implement Infrastructure as Code (IaC) using Cloud Formation or Terraform, focusing on security best practices and compliance.
• Conduct thorough analyses of potential threats and vulnerabilities in public cloud environments, including network, applications, infrastructure, and systems.
• Lead the resolution of identified security issues, collaborating with internal teams and external stakeholders as necessary.
• Design and develop custom control checks within CNAPP platforms using JSON, REGO, or Terraform, ensuring the highest level of security governance.
• Participate in the development of cloud security architectures, ensuring alignment with industry best practices and regulatory requirements.
• Implement IaC scanning tools within CI/CD pipelines to automate security checks and compliance assessments.
• Provide expert advice and guidance to customers on cloud security strategies, risk mitigation, and compliance.
• Stay updated with the latest advancements in cloud security technologies and practices, applying this knowledge to continuously improve GuidePoint Security's services and customer solutions.
• Collaborate with cross-functional teams to ensure security is integrated into every aspect of the cloud infrastructure and application development lifecycle.

What We Are Looking For

• A minimum of 3 years of experience in cloud security, with a focus on CNAPP, IaC, CSPM, and CWPP technologies.
• Strong understanding of cloud security principles, including compliance, risk management, and security governance.
• Experience with cloud providers such as AWS and Azure, including multi-account environments.
• Proficiency in one or more programming languages, including Python, Java, or C++.
• Knowledge of security frameworks and regulations, such as NIST, ISO 27001, and PCI-DSS.
• Excellent analytical and problem-solving skills, with the ability to identify and mitigate complex security threats.
• Strong communication and interpersonal skills, with experience in collaborating with technical and non-technical stakeholders.
• A Bachelor's degree in Computer Science, Cybersecurity, or a related field.

Nice to Have

• Experience with Cloud Security Gateways and Web Application Firewalls.
• Familiarity with containerization technologies such as Docker and Kubernetes.
• Knowledge of DevOps practices and tools, including Jenkins, GitLab CI/CD, or similar.
• Certification in cloud security, such as AWS Certified Security – Specialty or Microsoft Certified: Azure Security Engineer Associate.

Benefits and Perks

• Competitive salary and benefits package.
• Opportunity to work with a wide range of cloud security technologies and tools.
• Collaborative and dynamic work environment with a team of experienced cybersecurity professionals.
• Professional development opportunities, including training and certification programs.
• Flexible remote work arrangement, with the option to work from home or one of our offices.
• Access to the latest security tools and technologies, ensuring you stay at the forefront of your field.
• Recognition and reward for outstanding performance and contributions to the team.

• Highlight Your Cloud Security Expertise: Ensure your resume and cover letter clearly outline your experience with CNAPP, IaC, CSPM, and CWPP technologies, as well as your understanding of cloud security principles and best practices.
• Prepare for Technical Interviews: Be ready to discuss your experience with cloud security tools and technologies, and come prepared with examples of how you have applied these in previous roles.
• Showcase Your Problem-Solving Skills: Provide examples of complex security issues you have identified and mitigated, highlighting your analytical and problem-solving skills.
• Demonstrate Your Ability to Work Remotely: If you have experience working remotely, highlight your ability to manage your time effectively, communicate clearly with distributed teams, and maintain productivity in a home office setting.
• Stay Updated on Industry Developments: Show your commitment to ongoing learning and professional development by discussing recent advancements in cloud security and how you see them impacting your work.
• Be Prepared to Discuss Your Experience with Compliance and Regulatory Frameworks: Highlight your knowledge of security frameworks and regulations, such as NIST, ISO 27001, and PCI-DSS, and how you have applied these in cloud security contexts.