Cloud FinOps Specialist

If you are an out-of-the-box thinker, go getter, who has a passion for solving tough problems utilizing innovative technologies and techniques – we are looking for you! 
 
Come join a team that values individuality, uniqueness and can appreciate innovators of all levels. 
 
We are looking for a specialist to provide business and financial governance support for AWS Cloud Services, and to contribute to the FinOps team in managing the cloud spend and proposing opportunities for cost optimization.
 
JOB SUMMARY
 
As a Cloud FinOps Specialist, you will assist in bringing financial accountability to the largest cloud-based welfare system.  Your focus will be on the cloud spend, keeping the organization on budget, cost avoidance and cost savings.
 
HIGH LEVEL RESPONSIBILITIES
• Build real-time scorecards to benchmark performance highlighting spending by various categories.
• Provide summaries and detailed usage statistics for resources across cloud accounts, offering actionable intelligence to right-size and scale services efficiently.
• Develop and modify processes to minimize administrative overhead so that development teams can operate as efficiently as possible.
• Prepare professional-quality presentations and deliver them to a wide audience, including app dev teams, managers and directors.
• Create and maintain internal documentation on FinOps and cost optimization processes.
• Identify and facilitate opportunities to optimize, reduce cost and plans to realize the savings.
• Build and maintain cloud usage visibility to proactively optimize workloads.
• Work closely with financial and billing teams on budget, forecast, and expenses reports relating to cloud spend.
• Lead regular cadence calls providing expert advice and consulting on cloud financial spend.
 
QUALIFICATIONS
• You possess strong written and oral communication skills and are comfortable presenting information at all levels in an organization .
• You have experience working with or for major public cloud providers.
• You love working in a collaborative environment and building new relationships. 
• You are capable of working independently or on a team and with all levels of management.
• You will use your strong analytical skills and experience with development/scripting tools to automate the management and reporting of cloud spend.
• You’re thoughtful in your communication and approach in proposing significant financial decisions and have strong attention to detail.
• You are experienced working with executive management presenting technical and non-technical concepts.
• You have a technical expertise, a strong financial acumen, leadership skills and proven experience providing knowledge transfer.
• You have experience developing and delivering training. 
• You have technology vendor management experience. 
• You’ve provided technology direction, guidance and oversight of vendor solutions and integrations.
 
SKILLS
• AWS Certified Cloud Practitioner (required)
• Experience with Security Information and Event Management (SIEM) software tools.
• Searching, interpreting and working with data from enterprise logging systems including syslog, and SIEM.
• Scripting languages 
• Windows, macOS, and Linux operating systems
 
 
JOB LOCATION
This position will be remote to support the Covid-19 crisis. Candidate will need to choose an office location either in Norwalk or Rancho Cordova, California.

Information System Security Professional

If you have extensive experience in security and are an out-of-the-box thinker and go-getter who has a passion for solving tough problems utilizing innovative technologies and techniques – we are looking for you! 
 
Come join a team that values individuality, uniqueness and can appreciate innovators of all levels. 
 
JOB SUMMARY
 
You will participate in privacy and information security policy review to ensure compliance with program policy and applicable laws.
 
In this role you will work in on a team whose responsibilities include policy research, design and development of program policies that align to National Institute of Standards and Technology (NIST) Special Publication 800-53 and related standards.  You will apply engineering, hardware and software design best practices based to support the Security and Risk Management directives of the organization. 
This position also contributes to the design, development, and implementation of ISRM Infrastructure components such as operating procedures and policies as they relate to Information Privacy and Security.
 
RESPONSIBILITIES
• Design, development and maintenance of program information security policies and procedures.
• Performing audits and reporting of security vulnerabilities and policy violation.
• Support in developing, updating and facilitating security education, training, and awareness activities.
• Contributes to defining security objectives and system-level performance requirements.
• Assist technical operation and support teams in validating and monitoring network penetration tests, application vulnerability assessment scans, and risk assessment reviews.
• Ensure that the program vendor security controls follow the program overarching System Security Plan.
• Assure compliance to required standards, procedures, guidelines and processes.
• Participate in business continuity planning by recommending specific measures that can improve the organization’s overall security.
• Provide support in investigations and assist in communications on security incidents as directed by the program Chief Information Security Officer (CISO).
• Participate in clearly defining security requirements, deliverables and timeframes throughout the System Development Life Cycle. 
• Complete project tasks to enable them on time, within budget and scope.
• Remain well informed and familiar with the latest IT trends and security enhancements; support in research as needed.  Perform other duties as assigned.
 
EXPERIENCE
• Cloud and on-premise information security and systems analysis (AWS preferred).
• Experience with National Institute of Standards and Technology (NIST) special publication 800-53 and related special publications, FedRAMP, Cybersecurity Framework, Cybersecurity Maturity Model Certification.
• Experience with Security and Risk Management, Asset Security, Security Architecture and Engineering, Communication and Network Security, Identity and Access Management, Security Assessment and Testing, Security Operations, Software Development Security. Laws, regulations, investigations and compliance as it relates to Information Security, Privacy and Personally Identifiable Information. 
• Experience with tools and technologies such as Intrusion Prevention Systems (IPS), firewalls, endpoint protection, web/email filtering, Data Loss Prevention (DLP), digital rights management, encryption, Security Event and Incident Management (SEIM), virtualization platforms, firewalls (network and application), Malware Protection, MDM, Forensic Tools, etc. – especially in an AWS infrastructure.
• Experience developing or maintaining security policy based on NIST 800-53, application and network penetration testing, application vulnerability assessments, risk analysis and compliance testing.
• Experience working on government funded programs.
 
SKILLS
• Experience configuring and monitoring security controls in AWS cloud.
• In depth understanding of National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), NIST 800-83, security controls for FedRAMP moderate system.
• Deep knowledge of security controls throughout the System Development Life Cycle (SDLC).
• Detail-oriented and strong teamwork and inter-personal skills.
• Excellent troubleshooting and analytical skills.  
• Experience with AWS Cloud Security Best Practices including: Security Policies and Standards Automation on AWS, Securing and Monitoring AWS Workloads, Designing for Advanced Security within AWS cloud, Advanced Network Security on AWS, Securing AWS Infrastructure, Securing Data Analytics Pipelines on AWS.
 
REQUIRED EDUCATION
Associate degree – Computer science, information systems, or related field or five years’ experience.
 
LICENSES/CERTIFICATIONS – PREFERRED
• Certified Information Security Manager (CISM)
• Certified Information Systems Security Professional (CISSP)
• Certified Information Systems Auditor (CISA) 
• AWS Certified Security – Specialty, 
• AWS Certified Advanced Networking – Specialty
 
JOB LOCATION
This position will be remote to support the Covid-19 crisis. Candidate will need to choose an office location either in Norwalk or Rancho Cordova, California.

Cloud Security Analyst (Operations)

If you have cloud security experience and are an out-of-the-box thinker and go-getter who has a passion for solving tough problems utilizing innovative technologies and techniques – we are looking for you!

Come join a team that values individuality, uniqueness and can appreciate innovators of all levels.

 Job Summary:  In this role you will meet on a regular basis with vendors who are designing, developing and implementing systems to support the largest cloud-based welfare system.  Primary responsibilities include reviewing audit findings with vendors and keeping track of burn down activities required to remediate security vulnerabilities.

This position also contributes to the design, development, and implementation of program policies that support the program System Security Plan, operating procedures and training related to program Security and Privacy Controls for program systems.

RESPONSIBILITIES

• Contribute to the design, development and maintenance of program information security policies and procedures.
• Working with vendors to help them understand audit results in their AWS accounts such as security vulnerabilities and policy violations.
• Contribute to developing, updating and facilitating security education, training, and awareness activities.
• Audit vendor controls using the program overarching System Security Plan (SSP) and working with vendors on remediation plans to assure compliance to required standards, procedures, guidelines and processes.
• Participate in vendor security requirement refinement meetings
• Review vendor deliverables and provide comments throughout the System Development Life Cycle.
• Perform other duties as assigned.
• Develop and document AWS CloudTrail use cases for review with team.
• Contribute to the configuration of the AWS CloudTrail service to support approved use cases.
• Document and Implement AWS CloudWatch configuration to support monitoring of approved use cases.

 EXPERIENCE

• Experience in government funded welfare programs.
• Experience with National Institute of Standards and Technology (NIST) special publication 800-53 and related special publications.
• Experience in evaluating social service systems and requirements gathering and refinement.
• Experience in developing process and procedures that are secure and cost effective.
• Experience in designing and deploying of complex workflow technologies
• Experience developing or maintaining government funded program policies-based best practices and standard frameworks.
• Experience with technical integration and coordination across teams, business units and organizations.
• Experience working on government funded programs.
• Experience with scripting languages and hands-on application development a plus.

 SKILLS

• Experience configuring and monitoring security controls in AWS cloud.
• Understanding of National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), NIST 800-83, security controls for FedRAMP moderate system.
• Knowledge of security controls throughout the System Development Life Cycle (SDLC).
• Detail-oriented and strong teamwork and inter-personal skills.
• Excellent troubleshooting and analytical skills.
• Experience with AWS Cloud Security Best Practices including: Security Policies and Standards Automation on AWS, Securing and Monitoring AWS Workloads, Designing for Advanced Security within AWS cloud, Advanced Network Security on AWS, Securing AWS Infrastructure, Securing Data Analytics Pipelines on AWS.

PREFERRED EDUCATION AND CERTIFICATION

• Associate degree or five years’ experience in government, health and human services.
• AWS Certified Cloud Practitioner
• CloudCheckr Certification
• FinOps Certification

JOB LOCATION:  This position will be remote to support the Covid-19 crisis. Candidate will need to choose an office location either in Norwalk or Rancho Cordova, California as a base. This position can be 100% remote for the right person.