Be aware of scams on social media involving phony job postings. Learn more


Senior Cloud Security Associate

Location: San Diego, CA, USA

Notice

This position is no longer open.

Requisition Number: 208007

External Description:

Senior Cloud Security Associate

Teradata is seeking a technical subject matter expert to work with a team charged with defining and managing cybersecurity for cloud. The Senior Cloud Security Associate will work with the Information Systems Security Manager to establish and document standard security procedures in accordance with the Risk Management Framework requirements. The Senior Cloud Security Associate will be responsible for implementing, maintaining and supporting FedRAMP, PCI, ISO and SOC 2 certifications and will coordinate across the organization to ensure a proper security posture is maintained. The Senior Cloud Security Associate will conduct periodic reviews to ensure continued compliance with established policies and procedures. The Senior Cloud Security Associate will report to the Senior Manager, Security Governance & Risk Management.

Given the nature of work on initiatives for our federal contracts, US Citizenship is required. Position can be based in our San Diego Headquarters or Remote.

PRIMARY RESPONSIBILITIES:

  • Ensure compliance to guidance, standards and regulations such as the Payment Card Industry Data Security Standards (PCI-DSS), ISO 27001/27002, NIST Special Publications, FIPS, FedRAMP, and other Federal regulations and policies.
  • Develop, maintain and manage Security Authorization and Assessment packages that include System Security Plans, Contingency Plans, Plan of Actions & Milestone, and other relevant security documentation for existing and new systems.
  • Using the NIST Risk Management Framework, conduct assessments of information security controls in order to measure the effectiveness of controls and identify control gaps.
  • Maintain all cloud compliance cybersecurity-related documentation.
  • Ensures that procedures are reviewed and updated whenever compliance (PCI, NIST/FedRAMP, ISO) control requirements are revised, or when a significant change occurs to the information system
  • Collect evidence, artifacts, and document findings to support conclusions. Develop and maintain security artifacts required for compliance efforts.
  • Review and write security related policies and procedures to comply with applicable standards and regulations
  • Prepare compliance test plans and coordinate the testing and result procedures
  • Identify, assess, and prioritize identified risks.
  • Assess security solutions and provide recommendations for any improvements to current security posture.
  • Assist in remediation efforts and report on the status of control deficiencies.
  • Assist with formal policy exception requests.
  • Collect and maintain data needed to meet system cybersecurity reporting.
  • Report on compliance with internal policies, controls, and standards and provide recommendations for remediation of identified deficiencies.
  • Provide timely status updates/reporting on assessments and assigned project.
  • Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
  • Recognize possible security violations and assist with actions to report the incident, as required.
  • Experience demonstrating strong analytical, troubleshooting and problem-solving skills for security information and event management

Basic Qualifications:

  • Bachelor’s Degree in Computer Science, IT, Information/Cyber Security field from an accredited college or university.
  • 5+ years’ experience in a cyber security role

Basic Skills/Experience:

  • Experience supporting major Federal information systems/applications
  • Experience with relevant security and risk management frameworks (NIST Risk Management Framework, NIST Cyber Security Framework, CIS Critical Security Controls, etc.)
  • Strong understanding of public cloud infrastructure architecture and security controls
  • Deep understanding of Information Assurance, Information Technology and Information Management concepts, processes and procedures
  • Experience performing security control assessments of assigned systems
  • Demonstrated proficiency in the following areas: multi-tasking, critical thinking; and the ability to work quickly, efficiently and accurately in a dynamic and fluid environment.

Preferred Experience/Knowledge:

  • NIST SP 800-37 Risk Management Framework security assessment and authorization (A&A) processes.
  • Experience working with ATO packages.
  • Experience with supporting cloud systems
  • Security controls (i.e. NIST SP 800-53, FISCAM, etc.) assessments in support of FISMA, A-123 and annual self-assessment initiatives.
  • Experience with documenting NIST 800-53 security control compliance findings within Requirements such as: Traceability Matrixes and Security Assessment Reports
  • Enterprise Logging System to conduct regular reviews of audit logs (operating system, application, database, etc.) for security anomalies and compliance with applicable policies and procedures
  • Reviewing operating system, application, and database security baseline configuration documentation to ensure compliance with agency hardening guidelines
  • Reviewing proposed change requests related to system design / configuration and performing a security impact analysis to provide approval or denial recommendations
  • Experience developing security boundary and security architecture
  • Experience reviewing and interpreting Vulnerability and Compliance scans
  • Previous Federal Government experience a large plus.

Preferred Certifications

  • Certified Cloud Security Professional (CCSP) certification
  • Certified Information Systems Security Professional (CISSP)

CountryEEOText_Description: Teradata invites all identities and backgrounds in the workplace. We work with deliberation and intent to ensure we are cultivating collaboration and inclusivity across our global organization. ​ We are proud to be an equal opportunity and affirmative action employer. We do not discriminate based upon race, color, ancestry, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related conditions), national origin, sexual orientation, age, citizenship, marital status, disability, medical condition, genetic information, gender identity or expression, military and veteran status, or any other legally protected status.

City: San Diego

State: California

Community / Marketing Title: Senior Cloud Security Associate

Job Category: Security

Company Profile:

Our Company

At Teradata, we believe that people thrive when empowered with better information. That’s why we built the most complete cloud analytics and data platform for AI. By delivering harmonized data, trusted AI, and faster innovation, we uplift and empower our customers—and our customers’ customers—to make better, more confident decisions. The world’s top companies across every major industry trust Teradata to improve business performance, enrich customer experiences, and fully integrate data across the enterprise.

LinkedIn Remote:

Location_formattedLocationLong: San Diego, California US

.