Commvault seeks a Sr. Cloud Security Engineer to help develop and grow its Enterprise Cloud Security Center.  The candidate will plan, implement and monitor the tool stack used to secure Commvault's cloud infrastructure. They will drive efforts to both "Shift-Left", and "Look-Right" across an array of security tools.  They will provide expert security advice on both generic best practices and specific technical guidance on securing network, compute, and storage infrastructures implemented in various Cloud Service Providers. The candidate will develop and implement cloud-related security standards.  Finally, the candidate will ensure maximum functionality of the tool stack through integration with supporting IT platforms such as IAM, Inventory Management, and other supporting services and technologies.

Position Responsibilities

• Maintain Crowdstrike tool stack health, work with allied cloud operations teams to ensure connections into monitored clouds are healthy
• Develop and expand tool stack reach and capabilities by deploying agents, gathering new log sources, or integrating with allied security and IT Services platforms and tools
• Serve as cloud security expert to assess technical risk, and drive targeted risk reduction campaigns through other security teams, and non-security stakeholders
• Author and implement cloud security standards and policies
• Work with Security Engineering team to integrate Crowdstrike tools with allied security tools
• Work with Cloud Operations and IT Services teams to ensure integration and inter-operation with Cloud Infrastructure administration and IT Services
• Work with product development and product security teams to integrate ASPM with development tool stack to "Shift Left"
• Provide forward-looking threat analysis by continuously assessing the cloud landscape for relevant trends and emergent threats
• Identify new technologies, tools or capabilities we need to stay ahead of the security curve

Position Requirements

Hard Skills/Knowledge

• Must have Engineering skills necessary to establish and maintain the health of the cloud security tool stack
• Must have Scripting competency with a utility scripting language (Perl or Python or similar language)
• Must have hands-on proficiency with Infrastructure-as-Code (IaC), Terraform preferred
• Must have a good understanding of RESTful API's
• Must have Expert knowledge of cloud security vulnerabilities and configuration best practices
• Must have Expert security knowledge of Azure or AWS cloud services in particular
• Nice to have knowledge of one or more vendor-neutral cloud security frameworks (CSA, NIST, ISO)
• Must be willing to gain competence in other clouds (Azure, AWS, GCP, OCI, Ali Baba)

Soft Skills

• Ability to work with and communicate with audiences of all technical levels, from experts to non-technical laymen
• Ability to analyze data, identify trends
• Ability to analyze vulnerability trends and create policies to prevent future vulnerabilities
• Self-starter, Self-educator, Advocate
• Ability to partner and collaborate

Experience

• Must have 6-8 years' experience working in cloud generally (CloudOps, DevOps, etc.), with
• Must have 3-5 years of that focused on cloud security
• Must have deep experience with Azure or AWS
• Should have some experience with a second major cloud provider (Azure, AWS, GCP, or OCI)
• Strong operational experience in two of the following three areas: cloud infrastructure, identity & access management, or DevOps/DevSecOps
• Strong experience with IaC and CI/CD pipelines

Education/Certification

• Preference given to certification in either Azure or AWS
• Nice to have one or more vendor neutral security certification (CISSP, Security+, CCSP, CCSK)