Our vision for the future is based on the idea that transforming financial lives starts by giving our people the freedom to transform their own. We have a flexible work environment, and fluid career paths. We not only encourage but celebrate internal mobility. We also recognize the importance of purpose, well-being, and work-life balance. Within Empower and our communities, we work hard to create a welcoming and inclusive environment, and our associates dedicate thousands of hours to volunteering for causes that matter most to them.

Chart your own path and grow your career while helping more customers achieve financial freedom. Empower Yourself.

Job Description:

We are seeking a dedicated and experienced Cloud Security Engineer to join our security team. As a Cloud Security Engineer, you will play a crucial role in managing the security of cloud infrastructures. Your expertise in security controls, AWS, Azure, firewalls, and network-related fields will be essential in ensuring the reliability, scalability, and security of our systems. Your proficiency in Terraform will also enable you to contribute to our infrastructure-as-code approach.

Responsibilities:

• Implement, and manage the secure cloud network infrastructure ensuring optimal performance, security, and scalability.
• Collaborate with development teams to provide expert support in integrating security measures and best practices into the development lifecycle.
• Utilize your in-depth knowledge of AWS and Azure to architect secure and resilient cloud environments that align with industry standards and compliance requirements.
• Design and Implement security controls, and policies to protect against unauthorized access, data breaches, and other security risks.
• Collaborate with cross-functional teams to ensure timely resolution of security-related incidents and issues.
• Contribute to the adoption of Infrastructure-as-Code (IaC) by creating and maintaining Terraform scripts for provisioning and managing infrastructure resources.
• Stay informed about the latest developments in security best practices, network technologies, and cloud services, and apply them to enhance our infrastructure.
• Provide training and guidance to junior team members on security practices and technologies.

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, or a related field
• Proven experience in designing, implementing, and managing network infrastructure, particularly in innovation lab or cloud development environments.
• Extensive knowledge of security controls, protocols, and best practices in both on-premises and cloud environments.
• Strong expertise in AWS and Azure cloud platforms, including architecture, security, and automation aspects.
• Hands-on experience with Infrastructure-as-Code tools, with a focus on Terraform. Proficiency in Python is a must.
• Experience building, tuning, and operating detections using Cloud-native tools (GuardDuty, Security Hub), and SIEM platforms (Splunk).
• Ability to investigate cloud logs (CloudTrail, VPC Flow Logs, audit logs).
• Strong understanding of Least privilege IAM design, Role-based access, service accounts, and federated identity.
• Relevant certifications such as CISSP, AWS Certified Security, etc., are highly desirable.
• Excellent problem-solving skills and the ability to analyze complex technical issues related to security and network infrastructure.
• Effective communication skills to collaborate with both technical and non-technical stakeholders.
• Strong teamwork. Ability to work effectively with Cloud Platform, DevOps, SRE, and Engineering teams.

What will set you apart:

• 3+ years of experience with managing security controls, to include defining security policies and guardrails
• 4 + years of technical experience working with security solutions and conducting security operations
• 4+ years of cloud network security experience and reviewing security tools and solutions and making recommendations on utilization and strategy
• 4 + years of experience with network protocols, data flows and attacks within an IP environment
• 3+ years of experience in building configurations for security devices and building an automated process to support large-scale deployment
• Extensive knowledge and experience with security software, firewalls, intrusion detection systems and other security systems and network monitoring.
• Extensive hands-on technical knowledge of network systems, protocols, and standards such as TCP/IP.
• 2+ years of experience performing network and application security administration threat assessments CISSP, GIAC certification(s)
• 2+ years programming/scripting experience – one or more of: Java, Perl, PHP, Python, shell

We are an equal opportunity employer with a commitment to diversity. All individuals, regardless of personal characteristics, are encouraged to apply. All qualified applicants will receive consideration for employment without regard to age, race, color, national origin, ancestry, sex, sexual orientation, gender, gender identity, gender expression, marital status, pregnancy, religion, physical or mental disability, military or veteran status, genetic information, or any other status protected by applicable state or local law.