Information Security - Information Security Engineer 4 - Contingent

Description: In this contingent resource assignment, you may: Consult on complex initiatives with broad impact and large-scale planning for Information Security Engineering. Review and analyze complex multi-faceted, larger scale or longer-term Information Security Engineering challenges that require in-depth evaluation of multiple factors including intangibles or unprecedented factors. Contribute to the resolution of complex and multi-faceted situations requiring solid understanding of the function, policies, procedures, and compliance requirements that meet deliverables. Strategically collaborate and consult with client personnel. Required Qualifications: 5+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work or consulting experience, training, military experience, education.

LOCATIONS:
• Charlotte: 300 S. Brevard St., Charlotte, NC D1044-087 142019 (300 South Brevard)
• Phoenix: 2600 S. Price Rd., Chandler, AZ S3929-025 102462 (Chandler Campus - Bldg. B)
• Dallas: 401 Las Colinas Blvd W Bldg A, Irving, Texas 75039

*** is seeking an experienced Lead Information Security Engineer (Information security Engineer 4 - Contingent) to join our Cloud Workload Lifecycle Security (CWLS) team, within the Cybersecurity - Vulnerability & Patch Management organization. Be a part of one of the core teams working on ***'s digital transformation; join our dynamic, diverse, fast-paced team environment where we secure and reduce risk for our Enterprise cloud migration. The Information security Engineer 4 - Contingent - Containers/Kubernetes Engineer will support the WF migration from Prisma Cloud Enterprise to the Wiz CNAPP (Cloud Native Application Protection Platform) tool, with specific focus on Cloud Workload Protection Platform or the CWPP module of the Wiz product. This area of our team specializes in engineering and support for Public & Private Cloud containers/Kubernetes envs. (TAS/OCP/GKE/AKS) to operate vulnerability and compliance scanning for runtime images and images in container image registry, along with the associated integrations to partner systems for logging, delivery of Findings, etc.

KEY RESPONSIBILITIES:
• Implement, configure, and manage the Wiz CNAPP platform across multi cloud environments (AWS, Azure, GCP, Kubernetes).
• Onboard cloud accounts, subscriptions, projects, and Kubernetes clusters into Wiz.
• Partner with DevSecOps and Platform teams to integrate Wiz into:
o CI/CD pipelines
o Container and Kubernetes workflows
• Deploy and manage Wiz Sensor in large scale for enhanced workload and Kubernetes visibility, including host level telemetry, vulnerability detection, and configuration assessment.
• Automate Wiz Sensor onboarding and lifecycle management to ensure consistent, repeatable deployments.
• Automate sensor upgrades, health validation, and drift detection to maintain coverage and minimize operational overhead.
• Enabling and operating Wiz Container Registry Scanning across enterprise container registries (e.g. ACR, GCR, Artifactory).
• Enable and tune Wiz detection for:
o Vulnerabilities (Containers, serverless)
o Container Security events
o Network exposure and attack paths
• Act as the subject matter expert (SME) for Wiz capabilities, roadmap features, and best practices specific to CWPP.
• Support vulnerability and exposure management programs by validating findings and reducing false positives.
• Troubleshoot and resolve support escalation cases related to Wiz CSPM.
• Contribute to internal code repositories to continuously improve overall code quality for the team.
• Be a motivated self-starter, quick to adapt and stay focused on delivering results in a fast-paced environment with aggressive deadlines.
• Work effectively with a virtual Team consisting of members across various locations in the U.S. and India.

REQUIRED SKILLS:
• 5+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
• 4+ years of experience in Cloud Security/Engineering and DevSecOps
• 2+ years of practical experience and strong understanding of Azure & Google public cloud - platforms, services, configurations, workloads & hardening practices
• Hands on experience deploying &/or doing admin for Wiz in large environments
• Strong understanding of Azure/GCP architecture, Kubernetes and container security concepts, IAM, networking, and cloud-native services
• Advanced experience with Python programming/automation
• Familiarity with CI/CD tools (GitHub Actions, GitLab CI, Jenkins, Azure DevOps)
• Strong verbal and written communication skills
• Proven ability to work independently, as well as having strong interpersonal skills to work effectively within a Team and with partners
• Strong analytical skills, proven critical thinking capabilities and ability to solve complex problems with minimal direct oversight
• Intermediate to advanced experience working with Client Office products (e.g. Word, Excel, PowerPoint, Visio, Outlook, MS Teams, SharePoint)
• Ability to handle multiple, high priority deliverables concurrently
• Ability to communicate confidentially, professionally, and effectively, in both written and verbal formats, with stakeholders and partners
• 1+ year experience working on teams practicing Agile Scrum or Kanban methodologies

DESIRED SKILLS:
• Experience integrating CNAPP tools with SIEM/SOAR platforms
• Background in vulnerability management or application security
• Experience supporting regulated or enterprise environments
• Experience with change and incident management practices in large enterprises
• Familiarity with various cloud security and related risk frameworks (Cloud Security Alliance (CSA), CIS, NIST, etc.)
• Experience with change and incident management practices in large enterprises
• Security certifications such as Certified Information Systems Security Professional (CISSP), Global Information Assurance Certification (GIAC), or equivalent, CISA, CISM, CISSP, CRISC, CCSK
• Client Azure and/or Google Cloud Certifications
• Kubernetes Security (CKS) certification