Your Role and Responsibilities:
- Collect and produce evidence in response to audit requests for supported service(s).
- Streamline audit engagements by applying SRE principles to develop strategies and tooling that automate evidence collection and production and anticipate data production requests.
- Develop tools and strategies to assess the health of security controls and adherence to policy, processes and procedure requirements.
- Ensure proper documentation and rapid remediation of identified deviations.
- Develop test cases to ensure observed deviations do not reoccur.
- Serve as primary SME for service control implementation, design, and operating procedures in audit engagements.
- Drive risk culture transformation in service teams.
- Create diagrams and other documentation of network environments.
- Recognize and prioritize critical tasks independently.
- Working knowledge of common security frameworks, such as NIST 800-53, ISO 27K, FedRAMP/ FISMA, HIPAA, GDPR, SOC 2, PCI, etc.
- Process automation experience
- Deep technical understanding of cloud concepts
- A strong understanding of networking fundamentals, the OSI model, and TCP/IP protocols.
- Proficient with Linux/Unix and Windows based operating systems.
- Strong critical-thinking and problem-solving skills.
- Excellent written and verbal communications
Preferred Professional and Technical Expertise:
- Bachelor’s degree in a technical discipline or equivalent work experience.
- Highly experienced in command line operations of Cisco, Arista, Juniper, and Palo Alto operating systems.
- Knowledge of security best practice guidelines (NIST, ISO, CIS etc.)
- Experience with programming/scripting languages and tools in support of automation (Bash, Python, Golang, Ansible, Chef, SaltStack, etc...)
- Proficient in the use of common issue tracking and documentation tools such as JIRA and Confluence.
- Experience with managing git repositories and code versioning tools (Github, BitBucket, etc.)