Note: The job is a remote job and is open to candidates in USA. Humana Inc. is a leading U.S. healthcare company focused on providing better healthcare services. The Senior Cloud Security Engineer will ensure cybersecurity policies are engineered and deployed in cloud environments, automating security controls to minimize risks and ensuring compliance with security standards.
Responsibilities
- Deploy and provide operational support for hierarchical NGFW policies in GCP using security tags, and automate configurations using Terraform and DevOps principles
- Manage and troubleshoot Azure Network Security Groups (NSGs) at scale, using Terraform to automate deployment, updates, and scaling of security rules across multiple environments, ensuring continuous network protection and performance
- Ensure all infrastructure changes are deployed through CI/CD pipelines using Terraform modules, following best practices for DevSecOps
- Develop and implement security policies, standards, and procedures for cloud-based applications and infrastructure employing Prisma Cloud's comprehensive security solutions, including Workload Protection (Compute), Cloud Security Posture Management (CSPM), and Code Security modules
- Integrate robust code security measures and scanning capabilities into CI/CD pipelines and other cloud workflows using IaC
- Implement and manage enterprise security policies using Prisma CSPM's advanced capabilities, including preventive guardrails and automated remediations, to ensure proactive measures are in place
- Leverage IaC and CI/CD to seamlessly deploy, patch, and upgrade Prisma Cloud and cloud-based security systems
- Configure vulnerability items, misconfigurations, and other alerts in Prisma Cloud, actively assisting stakeholders with timely remediation efforts
- Assist the SOC and Cyber Defense & Response Team during security incidents, involving timely configuration changes to Prisma and frequent participation on major incident bridges
- Manage user access in Prisma portal based on least privilege roles, and provide operations training and support, as needed
- Participate in a 24/7 on-call rotation to ensure rapid incident response, maintaining operational integrity and minimizing downtime across enterprise systems
Skills
- Bachelor's Degree in Computer Science, Information Technology, Cybersecurity or related field
- 7+ years of experience supporting and implementing multi-cloud security solutions with a focus on GCP and Azure, including configuration, deployment, troubleshooting, and ongoing maintenance
- 3+ years of direct, hands-on experience with GCP network access control and Azure NSGs, leveraging IaC automation (Terraform) for efficient and secure cloud operations
- Proficiency in deploying and managing NGFW policies using security tags and hierarchical firewall rules within GCP
- Strong ability to manage and troubleshoot Azure NSGs, leveraging Terraform for automation and scaling
- Experience implementing security policies via IaC using Terraform and managing deployments through Azure DevOps (ADO) and GitHub Actions
- Expertise in DevSecOps and shift-left principles, actively ensuring security risks and misconfigurations are addressed early in the development process
- Ability to work in a 24x7 on-call rotation, triage incidents, and participate in incident bridges with senior leadership teams (SLT)
- Proven experience in incident response and security operations, including assisting the SOC during critical events
- Capable of providing training and guidance to team members on cloud security best practices
- Certification in Prisma Certified Cloud Security Engineer (PCCSE) and/or Palo Alto Networks Systems Engineer—Prisma Cloud Associate desired
- Additional certifications such as CISSP, CCSP, Security+, or relevant tracks for Azure and GCP
- Advanced experience with Terraform and managing large-scale IaC automation through CI/CD pipelines
- Experience implementing and managing Policy as Code (PaC) in cloud environments, including Azure Policy, GCP Organizational Policy, or HashiCorp Sentinel
- Familiarity with Agile methodology, including Scrum and Kanban frameworks
- Proficiency with scripting languages such as PowerShell, Python, YAML, and Bash
- Experience troubleshooting Linux environments using tools like cURL, tcpdump, netstat, etc
Benefits
- Bonus incentive plan
- Medical, dental and vision benefits
- 401(k) retirement savings plan
- Time off (including paid time off, company and personal holidays, paid parental and caregiver leave)
- Short-term and long-term disability
- Life insurance
- Payment for their internet expense for Associates or contractors who live and work from home in the state of California
Company Overview
Company H1B Sponsorship