TIAA Jobs

Engineer Cloud

The Engineering Cloud job supports the planning for the company's cloud platform. This job assists in developing and implementing operational plans for the processes and standards of developing the organization's technology architecture through the creation of a new cloud platform design. Additionally, this job lends consultative support to multiple teams within the organization to provide technical expertise and insight, along with maintaining consistent knowledge of emerging trends and technologies in the related technology space.

Key Responsibilities and Duties

• Collaborates with various stakeholders on the strategic vision for the enterprise leveraging cloud, managed solutions and traditional capabilities; make recommendations on new solutions and technologies.

• Supports the design, development, and implementation of new, cutting edge cloud platform within the organization.

• Verifies cloud platform allows business applications to transform into scalable, elastic systems that can be created on demand.

• Supports the implementation of hardware and software infrastructure updates and improvements as needed and integration with the cloud infrastructure.

• Coaches and reviews the work of lower level information technology professionals to ensure high-quality and timely completion of projects.

Educational Requirements

• University (Degree) Preferred

Work Experience

• 3+ Years Required; 5+ Years Preferred

Physical Requirements

• Physical Requirements: Sedentary Work

Career Level

7IC

Role: Cloud Security Engineer with SaaS (Multi-Cloud)

• Implement cloud security strategy, standards, procedures, best practices, and DevSecOps.

• Implement processes and technical controls supporting cloud security standards including integration of cloud services and workloads into corporate cybersecurity services.

• Collaborate with operations and engineering teams to implement and tune cloud-native security monitoring, tooling and reporting

• Implement CSPM tools such as wiz.io across multiple cloud platforms

• Define cloud security policies, standards, and best practices in a multi-cloud environment

• Promote awareness of corporate cybersecurity policy, standards and guidelines

• Design cloud-based network traffic flows to drive anomaly detection capability

• Mentor engineering and operations staff on unique cloud-based security controls

• Develop tools to improve cloud specific anomaly detection requirements

• Foster a culture of security by partnering with solutions architects & other business teams to balance key performance and security

• Perform regular reviews of cloud infrastructure for security, and cloud best practices.

• Develop threat models to identify risks and prioritize improvements to our architecture.

• Drive the adoption of Authentication and Authorization reference architectures for managing cloud infrastructure.

• Educate peers on applying the latest cloud native technologies when developing new services, systems and applications.

• Contribute to a secure/compliant cloud-native service catalog, repositories

• Maintain Compliance across our Production, Development and Corporate systems hosted in the public clouds

• Collaborate with engineering and operations teams toward implementing controls and processes that address identified gaps

• Document SaaS application configuration settings, integrations, service accounts and take ownership of recertification needs.

• Build compliance requirements and SaaS Application security baselines, ensuring SaaS applications are implemented to align with requirements.

• Evaluate new applications to ensure implementation can meet security baselines.

• Research options for compliance remediation and coordinate with the Systems Administration team to implement solutions.

• Determine risks and remediation options with implemented SaaS applications.

• Ensure all SaaS applications are configured with best practices and perform routine auditing of settings and newly released features.

• Examine all relevant application logs to determine trends and identify incidents or areas for concern.

• Validate and maintain incident response plans and processes to address potential threats.

• Compile and analyze data for management reporting and metrics.

• Ensure that all SaaS applications follow a standardize lifecycle management process and perform routine audits as necessary.

• Perform account lifecycle management auditing tasks and create documentation detailing account lifecycle needs.

• Perform continuous monitoring of company applications identifying areas of shadow IT and initiating remediation efforts.

Preferred qualifications & experience:

• Compliance Automation

• Strong experience in vulnerability management & risk assessment

• Strong experience in implementing CIS, NIST & other benchmarks

• Encryption theory & key management (PKI)

• Multi-Cloud security experience working in the Financial industry

• Proficient in analyzing architecture patterns, diagrams, Network & application architecture

• Ability to identify threat surfaces & identify pro-active & reactive security controls to minimize the overall residual risk.

• Cloud certifications in AWS & GCP is preferred.

• 3+ years experience managing or auditingSaaSapplications. Security+, CISSP, or related certification preferred.

• Demonstrated experience with process automation and improvement.

• Proficiency with at least one scripting language (e.g., Perl, Python and PowerShell).

Related Skills

Accountability, Adaptability, Business Continuity Planning, Cloud Computing Security, Collaboration, Communication, Compliance, Consultative Communication, Cybersecurity, Detail-Oriented, General Risk Management, Network Security, Prioritizes Effectively

Company Overview

TIAA Global Capabilities was established in 2016 with a mission to tap into a vast pool of talent, reduce risk by insourcing key platforms and processes, as well as contribute to innovation with a focus on enhancing our technology stack. TIAA Global Capabilities is focused on building a scalable and sustainable organization , with a focus on technology , operations and expanding into the shared services business space.

Working closely with our U.S. colleagues and other partners, our goal is to reduce risk, improve the efficiency of our technology and processes and develop innovative ideas to increase throughput and productivity.

We are an Equal Opportunity/Affirmative Action Employer. We consider all qualified applicants for employment regardless of age, race, color, national origin, sex, religion, veteran status, disability, sexual orientation, gender identity, or any other protected status.

Accessibility Support

TIAA offers support for those who need assistance with our online application process to provide an equal employment opportunity to all job seekers, including individuals with disabilities.

If you are a U.S. applicant and desire a reasonable accommodation to complete a job application please use one of the below options to contact our accessibility support team:

Phone: (800) 842-2755

Email: accessibility.support@tiaa.org

Privacy Notices

For Applicants of TIAA, Nuveen and Affiliates residing in US (other than California), click here (https://www.tiaa.org/public/tiaa-nuveen-privacy) .

For Applicants of TIAA, Nuveen and Affiliates residing in California, please click here (https://www.tiaa.org/public/tiaa-nuveen-ca-privacy) .

For Applicants of Nuveen residing in Europe and APAC, please click here (https://www.tiaa.org/public/nuveen-eu-uk-privacy) .

For Applicants of Greenwood residing in Brazil (English), click here (https://www.tiaa.org/public/support/privacy/applicants-greenwood-privacy) .

For Applicants of Greenwood residing in Brazil (Portuguese), click here (https://www.tiaa.org/public/support/privacy/applicants-greenwood-portuguese-privacy) .

For Applicants of Westchester residing in Brazil (English), click here (https://www.tiaa.org/public/support/privacy/applicants-westchester-privacy) .

For Applicants of Westchester residing in Brazil (Portuguese), click here (https://www.tiaa.org/public/support/privacy/applicants-westchester-portuguese-privacy) .

TIAA started out over 100 years ago to help ensure teachers could retire with dignity. Today, many people who work at not-for-profits rely on our wide range of financial products and services to support and strengthen their financial well-being.

Privacy Notices

• For Applicants of TIAA, Nuveen and Affiliates residing in US (other than California), click here (https://www.tiaa.org/public/tiaa-nuveen-privacy) .

• For Applicants of TIAA, Nuveen and Affiliates residing in California, please click here (https://www.tiaa.org/public/tiaa-nuveen-ca-privacy) .

• For Applicants of Nuveen residing in Europe and APAC, please click here (https://www.tiaa.org/public/nuveen-eu-uk-privacy) .

• For Applicants of Greenwood residing in Brazil (English), click here (https://www.tiaa.org/public/support/privacy/applicants-greenwood-privacy) .

• For Applicants of Greenwood residing in Brazil (Portuguese), click here (https://www.tiaa.org/public/support/privacy/applicants-greenwood-portuguese-privacy) .

• For Applicants of Westchester residing in Brazil (English), click here (https://www.tiaa.org/public/support/privacy/applicants-westchester-privacy) .

• For Applicants of Westchester residing in Brazil (Portuguese), click here (https://www.tiaa.org/public/support/privacy/applicants-westchester-portuguese-privacy) .

Nondiscrimination & Equal Opportunity Employment

TIAA is committed to providing equal opportunity across all employment practices and we believe our employees have a right to a diverse and inclusive workplace.

EEO is the Law (https://assets.phenompeople.com/CareerConnectResources/TIAAGLOBAL/documents/22-088_EEOC_KnowYourRights-1688394514088.pdf)

Pay Transparency

Philadelphia Ban the Box (https://www.phila.gov/media/20210423160847/Fair-Chance-Hiring-law-poster.pdf)