Job Closed
This listing is no longer active.
READY NEVER WAITS
Cloud & Security SME
Location
United States
Posted
19 days ago
Salary
0
Seniority
Senior
Job Description
Cloud & Security SME
By Light Professional IT Services
• Design, implement, and maintain security controls across system development and operations. • Secure AWS-based cloud environments; provide working knowledge of Azure and/or Google Cloud. • Perform system hardening, vulnerability scanning, monitoring, and incident response. • Analyze logs, develop alerts, and support forensic investigations. • Support security architecture design and integration for new and existing systems. • Provide support and oversight for systems, including: Patching selection and updates. Training data security and integrity. Network monitoring, access controls, and monitoring. Review and approval of AI-related changes and updates. • Support compliance activities aligned with CMMC Level 2, SOC 2, and ISO/IEC 27001. • Contribute to security documentation, risk assessments, and audit readiness efforts.
Job Requirements
- Bachelor’s degree (or equivalent experience) plus 3+ years of relevant security experience
- Hands-on experience securing on-premise/AWS environments
- Experience with cloud security and enterprise security tools
- Proficiency in Python for automation or security tooling
- CompTIA Security+
- GIAC GICSP
- CompTIA Network+
- ITIL
- Experience supporting Federal, DoD, or regulated environments
- Familiarity with AI/ML systems or emerging technology security
Benefits
- Medical, Dental & Vision Coverage
- Wellness Program
- 401(k) Matching
- Disability (Short Term & Long Term)
- Employee Assistance Program
- Life Insurance
- Education & Training
- Generous Leave Policy (11 Federal Holidays, PTO, and Military Leave)
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
• Focus on building and operating the data platform that powers security operations across NVIDIA. • Design and operate telemetry ingestion pipelines that collect and process data from endpoint, identity, network, cloud, and other enterprise security sources. • Normalize and enrich telemetry into structured datasets using standardized schemas and entity models so signals from different systems can be correlated consistently. • Build and maintain data models and graph ready structures that connect users, devices, identities, and activity across the security ecosystem. • Provide governed access to security datasets through APIs, query interfaces, and streaming pipelines used by Detection, Automation, AI, and Analytics teams. • Define lifecycle and retention strategies across hot, cold, and archive storage tiers to balance performance, scalability, and cost. • Work closely with enterprise data engineering and security engineering teams to align on architecture, data fabric strategy, and shared platform capabilities. • Maintain clear documentation of data sources, schemas, and entity definitions so teams across NVIDIA can reliably build on the platform.
• Define the cross-company reference architecture for governed agent actions, including durable policies, runtime controls, adapter boundaries, credential mediation, detector response, audit correlation, failure modes, and production-readiness criteria. • Translate Agent Policy Fabric concepts into executive-ready decision papers, engineering standards, threat models, control objectives, and implementation achievements without treating working-draft architecture as a pre-decided product direction. • Partner with Product Security, OpenShell, Omnistation, Identity, IT, Fleet/MDM, SecOps, 3S, legal/privacy, and corporate-resource owners to define who owns each control surface and how agent workflows move from proof-of-life to enterprise pilot. • Establish review patterns for agent workflows, including policy authoring, approval, signing, runtime admission, credential issuance, direct-egress controls, audit evidence, managing anomalies, and break-glass procedures. • Brief senior leaders, customer-facing teams, and partner engineering teams on NVIDIA's agent security posture, APF maturation path, open decisions, known limitations, and the evidence required before broader deployment.
• Implement and lead internal initiatives that reinforce the security program’s commitment to security. • Collaborate closely with internal teams—including security awareness and training, communications, and executive leadership. • Develop and promote initiatives that embed security values and achievements throughout the organization. • Ensure the organization’s security values are visible, trusted, and respected by internal and external stakeholders. • Help shape a strong security culture at Jamf by being an advocate or “security champion”. • Support business growth and strengthen the organization’s reputation with customers and business partners. • Develop content and communication strategies to engage Jamf employees at all levels. • Establish and monitor mechanisms for employees to report security issues or concerns. • Collaborate with awareness and training personnel to develop training material on the value of security as a business enabler. • Develop and monitor KPIs and metrics to gauge the success of the program. • Position the organization as an industry leader in security by promoting expert insights, white papers, and speaking engagements for security leaders. • Coordinate participation in industry events, conferences, and panels to strengthen brand presence and authority in cybersecurity.
Senior Security Researcher, Phishing
SpyCloudThe leader in operationalizing Cybercrime Analytics to prevent ATO, ransomware, and online fraud.
• Data Collection: Locate, target and recapture data from Phishing-as-a-Service (PhaaS) kits using a combination of human intelligence and platform sourcing. • Data Analysis: Apply data science techniques to understand the quality of sourced data, in order to refine and improve the PhaaS data sourcing pipeline. • Human Intelligence: Perform human intelligence techniques such as managing multiple alternate personas, actor engagements, and social engineering in support of data recapture efforts. • Security Analysis: Participate in the drafting of research blogs and analytical products to support customers and business objectives. • Security Research: Participate in security research including investigation of threat actors, PhaaS, and other critical research in support of SpyCloud’s priorities.



