Government Services - Cloud Security Engineer

Exiger, New York, NY


Location: New York, NY

Exiger Tech is an experienced team of software professionals with a wide range of specialties and interests. We make use of big data and natural language processing technologies as well as dealing with day-to-day application development and scaling issues. We utilize agile methodologies, iterate quickly to find solutions, and work together to ensure that the system evolves in a maintainable and performant fashion.
This is a full-time opportunity located in New York, New York.

The Cloud Security Engineer will support the development of security strategies and architecture vision as it relates to the Exiger’s cloud initiatives. The engineer will secure and harden code, monitor the security solutions, and work with other teams, products, and services to successfully use the security services.
We are looking for a resourceful, driven individual who is passionate about information security and privacy. Communication skills are very important, as well as the ability to adapt to fluctuating requirements and priorities. You must have well-developed project management and problem-solving skills while enjoying the challenge of acting as the intermediary between client-facing teams and technical teams.
This position may involve some travel.

Key Responsibilities

  • Responsible for leveraging principles, practices and tools in DevOps to improve the reliability, integrity and security of applications.
  • Build, maintain and manage central security policies for our cloud infrastructure.
  • Identify and implement the most effective perimeter security models for customer integration and segregated access of platform services.
  • Maintain cloud architecture and security design.
  • Define, implement, and tune detective capabilities and data sources to detect and remediate malicious activity.
  • Assist in creating a continuous monitoring solution to validate systems against our security baselines and respond to policy violations.
  • Analyze the latest attacker techniques and develop approaches to detect them across the company's diverse environments and endpoints.
  • Analyze security data and report on threats and incidents across various platforms and environments.
  • Research and design ways to achieve risk reduction objectives in creative ways, including expanding our current tool stack where appropriate.
  • Work with engineering and operations teams to implement threat detection signals, deploy new tooling and improve response capabilities.

Knowledge & Skills

  • A solid understanding of information security standards.
  • Experience implementing AWS/GCP security and hardening, especially in a large or complex environment.
  • Hands-on security experience, with in-depth knowledge of security, scaling in the cloud.
  • Hands-on experience with secrets management systems, including AWS,KMS, Vault, SSH Keys, etc.
  • Hands-on experience in driving end to end security for cloud product –scanning, pen testing.
  • Experience in applying security to cloud technologies (Managing secrets,
  •  Securing CD pipeline, Secure Infrastructure as Code, Container Security).
  • Experience with implementing a cloud-based container vulnerability scanning tool.
  • Experience with Docker and Kubernetes.
  • Ability to communicate, both orally and written, with all levels of management and end users across varying levels of technical backgrounds.

Professional Experience Required

  • BS degree in Computer Science, Information Technology or relevant field.
  • 5+ years total tech experience with cloud security focus.
  • 3+ years of AWS or GCP experience implementing security and hardening activities, especially in a large or complex environment.
  • Strong organizational skills, including ability to prioritize and work under  pressure
  • Ability to effectively handle multiple activities and projects
  • Proven ability to work well, both individually and within a team environment
  • Strong initiative and self-motivation
  • Proven ability to quickly learn and adapt to a dynamic environment
  • Experience with Jira, Zendesk a plus
  • Government clearance a plus.
About Exiger

At Exiger we work everyday to make the world a safer place to do business in. Our experts and technology help clients prevent breaches, respond to risk, remediate issues and monitor activities. We are searching for people who think creatively to solve complex problems related to governance, risk and compliance thus delivering first class solutions for our corporate and government partners.
Exiger’s core values are courage, excellence, expertise, innovation, integrity, teamwork and trust.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

About Exiger

Never before has the balance between business opportunity and regulatory risk been so tenuous. Exiger addresses this challenge head-on by developing sustainable compliance programs that meet today’s strict regulatory requirements while acknowledging that businesses cannot afford to play it safe. In a world where the fastest path to driving shareholder value is to expand into developing – often high-risk – economies, Exiger helps financial institutions, multinational corporations, and governmental agencies pursue their strategic goals with the confidence that regulatory change will not alter their course.Exiger was formed by a group of leading authorities on financial crimes compliance to solve some of the most complex problems confronting business today. The firm arms financial institutions and multinational corporations with the practical expertise and tools they need to prevent breaches in compliance, respond to risk intelligence, remediate gaps and monitor ongoing business activities.Initially launched to lead the court-appointed Monitorship of HSBC – the most comprehensive Monitoring assignment ever awarded by the Department of Justice – Exiger is entrusted with evaluating the effectiveness of internal compliance controls used by the $2.7 trillion banking institution across approximately 6,000 offices operating in nearly 70 countries around the world.In addition to its Monitorship work, Exiger guides a wide range of clients around the world through the process of managing the worst-case scenario compliance challenges and implementing the programs they need to prevent them in the future.


Want to learn more about Exiger? Visit Exiger's website.