Stimulating. Motivating. Challenging.
Nagravision, a division of the Kudelski Group, is the world leader in the creation and delivery of state-of-the-art technologies to secure the revenues of content owners and service providers for digital television and interactive applications across all network types. Nagra's solutions enable consumers to access content seamlessly over any device through a compelling viewing experience.
Location: Cheseaux, Switzerland
Mission
As a Cloud Security Engineer, you will identify and mitigate security risks, ensure compliance with GDPR, ISO 27001, and other relevant standards, and apply best practices throughout the development lifecycle. Your role is essential in safeguarding our applications and infrastructure, maintaining the highest levels of security across all platforms.
Responsibilities
Cloud Security:
- Assist in securing cloud-based applications and infrastructure on AWS under the guidance of the Security Architect.
- Participate in the identification of cloud security risks and contribute to the definition of security objectives for cloud-based systems.
- Collaborate with the Security Architect to ensure the implementation of cloud security practices and guidelines throughout the development lifecycle.
- Support the selection and implementation of cloud security solutions, techniques, and technologies to meet targeted security levels.
- Collaborate with the AWS’ TAM and Solution Architect assigned by AWS to Nagra
- Help in the implementation of security measures to ensure compliance with GDPR, ISO 27001, and other relevant standards for cloud environments.
On-Premises Security:
- Assist in securing on-premises applications and IT infrastructure in collaboration with the Security Architect.
- Participate in the identification of security risks in on-prem environments and contribute to the definition of security objectives.
- Collaborate with IT teams to ensure that on-premises infrastructure adheres to security policies and compliance requirements.
- Stay informed about the latest trends and best practices in traditional IT security.
Cross-Environment Security:
- Work closely with cross-functional teams, including architect, developers, and Operations, to review and improve security designs and implementations across both cloud and on-premises environments.
- Assist in coordinating audit and security evaluations, such as pentest, of products and infrastructure in both cloud and on-prem environments.
- Contribute to the development and maintenance of security documentation and procedures for both cloud and on-prem environments.
Requirements / Profile
Qualifications:
- Bachelor’s degree in Computer Science, Information Security, or a related field.
- Understanding of cloud security concepts, particularly within AWS environments.
- Familiarity with on-premises security concepts, including network security, endpoint security, and server hardening.
- Knowledge of cybersecurity principles and practices applicable to both cloud and on-prem environments.
- Understanding of the software development lifecycle, DevOps practices, and IT operations.
- Eagerness to learn and adapt to new technologies and methodologies.
- Strong analytical and problem-solving skills.
Preferred Qualifications:
- AWS certification or coursework, as well as knowledge of conventional IT security tools, is a plus.
- Fluency in English
Best Practices for Security in AWS and On-Prem Environments:
As a Cloud and On-Prem Security Engineer, you will be expected to learn and apply the following best practices under the guidance of the Security Architect:
Cloud Security (AWS):
- Implement the principle of least privilege using IAM.
- Ensure data encryption at rest and in transit.
- Leverage CloudTrail and CloudWatch logging and monitoring.
- Use Security Groups and NACLs to control traffic.
On-Prem Security:
- Implement network segmentation to isolate sensitive data.
- Regularly update and patch on-premises systems to protect against vulnerabilities.
Cross-Environment Security:
- Apply consistent security policies across both cloud and on-prem environments.
- Define and help the implementation of backup and disaster recovery plans for both environments.
- Prepare for security incidents by defining clear incident response plans for both cloud and on-prem environments.
Reference: 14602
Publication Date: 06-09-2024