Security Engineer L3

Job Description

Rackspace Cyber Defense
Security Engineer L3 (Cloud Security)
About Rackspace Cyber Defense
Rackspace Cyber Defense is our next generation cyber defense and security operations capability that builds on 20+ years of securing customer environments to deliver proactive, risk-based, threat-informed and intelligence driven security services.
Our purpose is to enable our customers to defend against the evolving threat landscape across on-premises, private cloud, public cloud and multi-cloud workloads.
Our goal is to go beyond traditional security controls to deliver cloud-native, DevOps-centric and fully integrated 24x7x365 cyber defense capabilities that deliver a proactive, threat-informed, risk-based, intelligence-driven approach to detecting and responding to threats.
Our mission is to help our customers:
.Proactively detect and respond to cyber-attacks - 24x7x365.
.Defend against new and emerging risks that impact their business.
.Reduce their attack surface across private cloud, hybrid cloud, public cloud, and multi-cloud environments.
.Reduce their exposure to risks that impact their identity and brand.
.Develop operational resilience.
.Maintain compliance with legal, regulatory and compliance obligations.
What we're looking for
To support our continued success and deliver a Fanatical Experience to our customers, Rackspace Cyber Defence is looking for an Indian based Security Engineer, with a specialism in Cloud Security to support Rackspace's strategic customers.
This role is particularly well-suited to a self-starting, experienced and motivated Sr. Security Engineer, who has a proven record of accomplishment in the design, delivery, management, operation and continuous improvement of enterprise-level cloud security platforms or delivering managed security services to customers.
The primary focus will be on the design, implementation, management, operation and continuous improvement of cloud-native security across customer Microsoft Azure, AWS and/or Google Cloud Platform (GCP) environment.
You will also be required to liaise closely with the customer's key stakeholders, which may include incident response and disaster recovery teams as well as information security.
Key Accountabilities
.Ensure the Customer's operational and production environment remains healthy and secure at all the times.
Assist with customer onboarding - customer onboarding, policy configuration, platform configuration and service transition to security operations team(s).
Advance platform administration, ideally through a DevOps-centric approach.
Critical platform incident handling & closure.
As an SME, act as an L3 escalation and point of contact for SecOps Analysts during an incident response process
As an SME, act as a champion and centre of enablement by delivering training, coaching and thought leadership
Develop and document runbooks, playbooks and knowledgebase articles that drive best practice across teams.
Drive continuous improvement of Rackspace managed security services through custom development, automation and integration in collaboration with SecOps Engineering and other Security Engineering team(s)
Maintain close working relationships with relevant teams and individual key stakeholders, such as incident response and disaster recovery teams as well as information security etc.
Co-ordinate with vendor for issue resolution.
.Required to work flexible timings.
Skills & Experience
.Should have 8+ years experience in Security Engineering.
.Experience working in either large, enterprise environments or managed security services environments with a focus on cloud security.
.Experience of working with Microsoft-centric, cloud native security tools such as Microsoft Sentinel, Microsoft Defender for Cloud, Azure Active Directory, Azure Key Vault and Azure WAF and Azure Firewall.
.Experience of working in two (or more) of the following additional security domains:
oGCP (Google Cloud Platform) Security Command Centre.
oAWS (Amazon Web Services) Security Hub including AWS Guard Duty, AWS Macie, AWS Config and AWS CloudTrail.
oSIEM platforms such as Microsoft Sentinel (preferred), Google Chronicle, Splunk, QRadar, LogRhythm, Securonix etc.
oEndpoint Security and Endpoint Detection & Response (EDR) tools such as Crowdstrike, Microsoft Defender for Endpoint and/or Microsoft Defender for Cloud.
oFirewalls and network security tools such as Palo Alto, Fortinet, Juniper, and Cisco.
oWeb Application Firewall (WAF) tools such as Cloudflare, Akamai and Azure WAF.
oData Loss Prevention (DLP) tools such as Microsoft Purview, McAfee and Symantec
.Experience of cloud-native security controls, such as network access controls identity, authentication, and access management controls (IAAM) and intrusion detection and prevention controls.
.Knowledge of security standards (good practice) such as NIST, ISO27001, CIS (Center for Internet Security), OWASP and Cloud Controls Matrix (CCM) etc.
.Knowledge of scripting and coding with languages such as Terraform, python, javascript, golang, bash and/or powershell.
.Knowledge of DevOps practices such as CI/CD, Azure DevOps, CircleCI, GitHub Actions, Ansible and/or Jenkins.
.Computer science, engineering, or information technology related degree (although not a strict requirement)
.Holds one, or more, of the following certificates (or equivalent): -
oCertified Information Security Systems Professional (CISSP)
oMicrosoft Certified: Azure Security Engineer Associate (AZ500)
oMicrosoft Certified: Security Operations Analyst Associate (SC-200)
oCREST Practitioner Intrusion Analyst (CPIA)
oCREST Registered Intrusion Analyst (CRIA)
oCREST Certified Network Intrusion Analyst (CCNIA)
oSystems Security Certified Practitioner (SSCP)
oCertified Cloud Security Professional (CCSP)
oGIAC Certified Incident Handler (GCIH)
oGIAC Security Operations Certified (GSOC)
.A highly self-motivated and proactive individual who wants to learn and grow and has an attention to detail.
.A great analyser, trouble-shooter and problem solver who understands security operations, programming languages and security architecture.
.Highly organised and detail oriented. Ability to prioritise, multitask and work under pressure.
.An individual who shows a willingness to go above and beyond in delighting the customer.
.A good communicator who can explain security concepts to both technical and non-technical audiences.
About Rackspace Technology
We are the multicloud solutions experts. We combine our expertise with the world's leading technologies - across applications, data, and security - to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes, and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future.
More about Rackspace Technology
Though we are all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, colour, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know.