Sr. Information Security Consultant
US-IL-Bloomington
Careers (External)
Req #: 42033
Type: Regular Full Time
|
|
|||||||||||||
|
||||||||||||||
Overview: Being good neighbors - helping people, investing in our communities, and making the world a better place - is who we are at State Farm. It is at the core of how we operate and the reason for our success. Come join a #1 team and do some good! Office Locations: Bloomington and Dallas HYBRID: Qualified candidates (in or near hub locations listed below) should plan to spend time working from home and some time working in the office as part of our hybrid work environment. **Applicants are required to be eligible to lawfully work in the U.S. immediately; employer will not sponsor applicants for U.S. work authorization (e.g., H-1B Visa) or future need for this opportunity. Responsibilities: We are seeking an experienced Sr. Information Security Consultant to enhance and enable our security strategy across our multi-cloud environment, including, but not limited to, Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). The ideal candidate will possess deep expertise in cloud security architecture, platform security, and governance, driving best practices to protect our cloud assets at scale. * Serves as a trusted security advisor to business, technology, legal, and compliance areas to proactively further the effectiveness of the Information Security program. * Lead the design, implementation, and continuous improvement of cloud security architectures across cloud platforms such as AWS, Azure, and GCP. * Consult on defining and enforcing platform security standards, policies, and controls to protect cloud workloads and infrastructure. * Architect secure cloud environments with a focus on identity and access management, network security, data protection, logging/monitoring, and threat detection. * Collaborate with cloud platform teams to embed security into cloud infrastructure, platform services, and developer workflows. * Consult on the management of cloud security posture management and vulnerability remediation processes. * Consult on incident response activities related to cloud security events. * Mentor and lead others on cloud security best practices. * Stay current with emerging cloud security technologies, threats, and compliance mandates, and drive adoption where appropriate. * Conduct comprehensive risk assessments, including evaluating policy exceptions and performing platform risk assessments, to identify potential vulnerabilities and ensure compliance with organizational standards and regulatory requirements. Qualifications: * Extensive experience (5+ years) securing one or more cloud platforms including AWS, Azure, and Google Cloud. * Deep understanding of cloud security controls and platform security concepts, including: * Secure platform hardening and baseline configurations. * Secure software supply chain and container security. * Platform-level identity and access management (e.g., Azure AD Privileged Identity Management). * Network segmentation, micro-segmentation, and zero-trust architecture in cloud. * Understanding of security automation and Infrastructure as Code (IaC). * Experience with cloud threat detection and monitoring tools. * Experience in platform security governance, compliance frameworks (HIPAA, PCI-DSS, SOC 2), and audit readiness. * Scripting and automation skills (Python, PowerShell, Bash) for security tooling and workflow automation. * Knowledge of container and orchestration security (Kubernetes, Docker, OpenShift). * Solid knowledge of encryption technologies, key management, Zero Trust architecture, and secrets management solutions. * Strong relationship building, critical thinking, leadership, communication, mentoring and critical thinking skills. Certifications (Desired): * AWS Certified Security - Specialty * Microsoft Certified: Azure Security Engineer Associate or Expert * Google Cloud Professional Cloud Security Engineer * Certified Information Systems Security Professional (CISSP) * Certified in Risk and Information Systems Control (CRISC)
Share this job:
