Cloud Security Engineer

  • NuSkin
  • Provo, UT, USA
  • Jan 28, 2021
Full time

Job Description

We are hiring for a Full-Time Cloud Security Engineer. Right now, many of our employees are working from home, and for this role we currently support remote work from Utah, Texas, Colorado, California, Arkansas, and additional states on a case-by-case basis. As we look to return to our Provo campus during 2021, we will require physical relocation for employees in states outside of Utah, Texas, Colorado, California, or Arkansas.

 

-----------
About Us
------------

Our story begins in 1984, in Provo, Utah, with a group of friends who wanted to bring good-for-you personal care products to market. Sandy, Blake, and Steve committed to launch sustainably sourced beauty and skin care products with “All of the good and none of the bad.” The team wanted to help people, too. They integrated their new product line with an opportunity platform for entrepreneurs. More than 35 years later, Nu Skin is operating in nearly 50 markets across the world. Our founders’ commitment to premium beauty products and the entrepreneur spirit has kept us growing into the global, publicly traded company we are today.

-----------
The Role
-----------

The Cloud Security Engineer is a technical specialist focused on cloud hosting services, Software As a Service, Platform As a Service, etc., primarily in Amazon Web Services (AWS) environments. Successful candidates will be expected to independently perform risk assessments of all aspects of the Nu Skin cloud presence and to implement security solutions for Nu Skin-owned data and applications.

You will work effectively with the various DevOps, SRE, Data, and CIE teams across the global technology organization, providing reliable technical security expertise on cloud security issues and applying a team-based approach to solving problems and prioritizing security work. You will seek to streamline and automate processes in order to deliver maximum results with minimal effort.

What you'll do: 

  • Provide security-based risk assessments of current and future business and technology solutions that leverage SaaS, PaaS, and IaaS.
  • Work closely with the DevOps teams, Data Teams, System Reliability Engineering (SREs) teams, and Cloud Infrastructure Engineering (CIE) teams to provide guidance on securing cloud workloads.
  • Research and investigate cyber threats and security incidents in the cloud environment.
  • Perform comprehensive risk assessments of new cloud services that other business units consume.
  • Enhance and evolve the current Security strategy, guidelines, configurations for the cloud services used by Nu Skin by writing guides, standards, and best practices.
  • Ensure optimum efficiencies for the utilization of cloud services.
  • Assist in designing, planning, and implementing security tools, controls, automations, policies, and processes. This includes contributing code (primarily Python) toward security automations.
  • Review and provide guidance on a Secure Code pipeline for applications in the cloud hosting environment.
  • Provide management with security status reports on security posture of the Nu Skin cloud environments.

What you'll need:

  • 5+ yrs. experience in IT with 3+ yrs. in Cloud Security Engineering
  • Good understanding of various cloud services including SaaS/PaaS/IaaS in AWS, or other public cloud environments, as well as Salesforce, ERP platforms, etc.
  • Deep passion for information security and the desire to constantly learn and grow in the field
  • Excellent collaboration and influence skills across a wide variety of technical teams
  • Ability to write standards documents and best practices outlining how to securely accomplish business needs in cloud environments
  • Very good understanding of Cloud Security principals
  • Good understanding of industry standard security monitoring tools used in cloud environment
  • Self-motivated and able to work well with minimal supervision on a small team
  • Ability to consult with and seek input from team members and management
  • Ability to perform analysis of data, processes, policies, procedures and/or systems; produce unambiguous, comprehensive and accurate interpretations
  • Familiarity of regulatory requirements (i.e., PCI, GDPR, SOX) and frameworks (e.g., NIST, CIS, ISO 27002 etc.)
  • Familiarity with agile development practices and DevSecOps

Good understanding of at least some of the following:

  • AWS GuardDuty, Inspector, CloudTrail, CloudWatch, Macie, Config, Security Hub, IAM, etc.
  • Container Security and Serverless Security principlesSalesforce Shield, data masking etc.
  • Big data, data lakes, ETL frameworks
  • AWS EC2, API Gateway, Lambda

Bonus points for: 

  • Python, Java, Bash development skills
  • AWS Certified Solutions Architect – Prof
  • AWS Certified Security – Specialty
  • CCSP (Certified Cloud Security Professional)
  • CISSP (Certified Information Systems Security Professional)


---------------------
Benefits & Perks
---------------------

You will be part of an engaged, inclusive, global community that values family, giving back, beauty, and sustainability. We offer competitive benefits with comprehensive medical, vision, and dental coverage; supplemental life, short-term, and disability insurance; free access to health coaches, therapists, and an onsite fitness center; a health savings account & 401k with company match; an incentive bonus program; and access to our top-quality beauty & wellness products. You’ll also be empowered to prioritize what’s important to you through flexible work arrangements and a generous vacation policy. Thinking about adding little ones to your family? We have generous maternity and paternity leave too.

--------------------
What We Value
--------------------

Purpose: We’re on a mission to be a “A Force for Good.” We promote a culture of doing good while providing opportunity for personal and professional growth. We prioritize giving back, whether that’s through empowering employees to join week-long service trips in Malawi, Africa, designating days for employees across the world to participate in community service projects, or creating sustainable products and packaging, you will be able to make a difference. We have eight guiding principles: to be A Force for Good, Accountable & Empowered, Bold Innovators, Customer Obsessed, Direct & Decisive, Exceptional, Fast Speed, and One Global Team.

Equal Opportunity: We are an equal opportunity employer. Success and cultural fit are dependent on living the Nu Skin Way and are independent of race, age, gender orientation, sexual orientation, religion, or disability. We believe our capability to improve lives is enhanced when we understand and reflect the diversity of our sales leaders, customers, and employees. Applicants with disabilities who need assistance with the application process may be entitled to a reasonable accommodation in accordance with applicable law. If you need assistance completing an application or participating in an interview because of a disability, please contact our Talent Acquisition team at 1.801.345.1000.

Data Privacy: Information you provide on your application will be processed according to our Privacy Policy, which is available for you to review at https://www.nuskin.com/en_US/corporate/privacy.html. For questions about this policy, please contact us at privacy@nuskin.com.