Newell Brands Cloud Security Engineer - in New York, United States
Newell Brands is making a significant investment in E-Commerce and Cloud architecture. The Global Information Security organization seeks to add a Cybersecurity Engineer with experience in securing enterprise web solutions in Azure, AWS and other cloud environments. The role is also responsible for proactively protecting information assets from unauthorized or inappropriate access, use or disclosure as well as business disruptions through proper identification and escalation of vulnerabilities. In addition to working closely with IT and the Business, regular interaction with internal and external auditors, Legal, Privacy and Ethics is also required of the position.
Duties and responsibilities may include:
Develop an understanding of Newell Brands current and forward-looking threat profile.
Work closely with Ecommerce teams to ensure all system platforms and cloud environments are secured with Newell Brands standards.
Responsible for vulnerability scanning of cloud environments.
Reviews, researches, and implements remediation measures for identified vulnerabilities.
Reviews cloud security violation reports and investigates possible security exceptions.
Responsible for web application security including configuration of Web Application Firewalls (WAF) and other security tools.
Supports Web Application Security testing initiatives including web development source code vulnerability analysis and review.
Protects valuable information and maintains the confidentiality and integrity of data through:
Knowledge of security management, network & protocols, data and application security solutions
Knowledge of industry trends and current and emerging risks
Experience with security related regulatory requirements, such as NIST, PCI and ISO 27001.
5+ years in an Information Security role
3+ years securing Ecommerce environments.
Strong understanding of public cloud computing architecture, technical design and implementations, including Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as Service (SaaS) delivery models across multiple different cloud vendors.
Experience with AWS Web Services and Microsoft Azure Platform
Proven experience with Vulnerability Assessment tools (Nexpose, Nessus, Burp).
Experience with deployment orchestration, automation, and security configuration management (Jenkins, Puppet, Chef, etc) preferred.
Experience working with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies preferred.
Experience performing threat modeling and design reviews to assess security implications and requirements for introduction of new technologies.
Ability to manually assess vulnerabilities, verify false positives, provide detailed mitigation plans prioritized by risk to the organization.
Knowledge of application security, database security, and secure coding practices.
Working knowledge of common and industry standard cloud authentication mechanisms (OAuth, OpenID, Azure AD).
Skilled in scripting or programming languages (Python, Ruby, Shell, Perl, C/C++, Java, etc.)
Bachelor’s degree in Information Security, Computer Science, Information Management Systems, or related field required.
Certifications requirements: CISSP, CCSP and GPEN preferred. MCSE Cloud Platform and Infrastructure and AWS Certified Solutions Architect a plus.
Newell Brands (NYSE: NWL) is a leading global consumer goods company with a strong portfolio of well-known brands, including Paper Mate, Sharpie, Dymo, EXPO, Parker, Elmers, Coleman, Jostens, Marmot, Oster, Sunbeam, FoodSaver, Mr. Coffee, Rubbermaid Commercial Products, Graco, Baby Jogger, NUK, Calphalon, Rubbermaid, Contigo, First Alert and Yankee Candle. For hundreds of millions of consumers, Newell Brands makes life better every day, where they live, learn, work and play. Newell Brands and its subsidiaries are Equal Opportunity Employers and comply with applicable employment laws. EOE/M/F/Vet/Disabled are encouraged to apply.