Job Description

We are Lennar 

Lennar is one of the nation's leading homebuilders, dedicated to making an impact and creating an extraordinary experience for their Homeowners, Communities, and Associates by building quality homes and providing exceptional customer service, giving back to the communities in which we work and live in, and fostering a culture of opportunity and growth for our Associates throughout their career. Lennar has been recognized as a Fortune 500® company and consistently ranked among the top homebuilders in the United States.

Join a Company that Empowers you to Build your Future

The Sr. Cloud Security Engineer is responsible for designing, implementing, and maintaining cybersecurity solutions that protect the organization’s information technology infrastructure.  The Sr. Cloud Security Engineer is a key contributor in complex initiatives focused on delivering advanced. comprehensive cloud security solutions for the enterprise. The position will collaborate closely with other senior security engineers, architects, and various engineering disciplines to ensure that adequate cloud security solutions are designed, implemented, and configured appropriately.

• A career with purpose.

• A career built on making dreams come true.

• A career built on building zero defect homes, cost management, and adherence to schedules.

Your Responsibilities on the Team 

Cloud Security:

• Demonstrate leadership and technical expertise in planning, ownership, & management of the Organization’s cloud security strategy.

• Lead the design, implementation, and management of cloud security solutions such as:

  • Core security capabilities for protecting IaaS, PaaS, & SaaS services

  • Cloud Security Posture Management (CSPM)

  • Cloud Access Security Broker (CASB)

  • Cloud-Native Application Protection Platforms (CNAPP)

  • Security Service Edge (SSE)

• Provide expertise and guidance with securing cloud-native application development and delivery platforms (DevOps, CI/CD) with demonstrated strength in DevSecOps tooling (SAST, DAST).

• Ensure that adequate security tools and controls are deployed for effective protection throughout the Organization’s cloud environments

• Satisfy any legal, compliance, and regulatory requirements related to cloud security controls.

• Ensure the development of and adherence to security policies, standards, procedures, and best practices in all areas of cloud security engineering and operations.

• Contribute to the development of the Cybersecurity Program and Security Engineering and Architecture roadmaps.

• As it relates to Cloud Security, collaborate and provide input to Lennar’s Cybersecurity teams in the areas of Risk Management, Compliance, and Incident Response.

• Promotes and facilitates effective communication between Security Engineering & Architecture, Enterprise Architecture, Infrastructure, and other departments and/or business units.

• Assist in the acquisition and risk assessment, procurement, and evaluation of new vendor and product selections.

• Evaluate and recommend new and emerging services and technologies.

• Assist with remediation efforts and recommendations as it relates to external and internal security audits.

• Participate as an active member of the Security Incident Response Team, including post-mortem investigation activities.

• May provide mentorship and support to various junior security engineers and security operations team members.

Requirements

• Education: Bachelor’s degree required in Computer Science, Cybersecurity, Engineering, or related field. Master’s degree preferred.

• Experience:

  • 3 – 5+ years of relevant work experience in cloud security engineering, cloud network solutions, and cloud-native application security testing tools

  • 3 – 5+ years of experience with implementing and managing security technologies in a mid to large-scale enterprise environment.

  • 3 - 5+ years of experience with securing IaaS/PaaS/SaaS resources hosted in public cloud environments (AWS, Microsoft Azure, Oracle OCI).

  • 3+ years of experience with DevSecOps components, including a strong understanding of DevOps and a Software Development Lifecyle, implementation of static/dynamic application testing solutions, and application vulnerability discovery/assessment/remediation support.

  • Experience securing SaaS cloud-delivery platforms (i.e. Microsoft 365, Salesforce, Box.com) with CASB, CSPM, and similar technologies.

• Certifications: Certified Information Systems Security Professional (CISSP), Azure Security Engineer Associate, AWS Certified Security-Specialty, Certified Cloud Security Professional (CSSP), GIAC Cloud Security Automation (GCSA), AWS Solutions Architect Professional, Certificate of Cloud Security Knowledge (CCSK), or similar advanced security certifications preferred.

Additional Skills, Knowledge, and Experience:

• Expert knowledge of cloud identity and access controls, including federation between on-premises identities and cloud platforms.

• Expert knowledge of cloud network security fundamentals, including securing VNET/VPC’s, Web Application Firewalls, and cloud-native Firewall-as-a-Service solutions.

• Experience with Security Information and Event Management Systems (SIEM) and log management systems (Splunk, Exabeam, Microsoft Sentinel).

• Experience with Threat & Vulnerability Management solutions (Rapid7, Nessus, Qualys).

• Ability to analyze and communicate strengths, weaknesses, and derive recommendations for enhancing the organization’s cloud security posture.

• Experience identifying and analyzing emerging and advanced threats, with a focus on cloud and application layer attack vectors (OWASP Top -10, secure coding practices).

• Experience with OWASP Software Assurance Maturity Model, Cloud Security Maturity Model (CSA), or similar tools to perform maturity assessments of cloud and application security programs.

• Proficient skills in creating visual design documentation (Visio, Lucid), process and data flow diagrams, and high / low-level engineering designs.

• Proficient verbal and written communication skills, including visualizations and complex analytics, applicable for leadership and executive-level presentations.

• Extensive knowledge and experience with adhering to network security standards, security frameworks, security baselines, and security controls. Experience with industry-specific standards and frameworks desirable (NIST, ISO, CIS, CSA).

• Maintain and foster productive communication channels with security solution partners, vendors, service providers, and consulting entities.

• Ability to facilitate productive meetings and work successfully in a team-oriented environment.

Personal Attributes:

• Team Player: Ability to work collaboratively with senior engineers, IT teams, and other stakeholders to achieve shared goals.

• Communication: Effective written and verbal communication skills, with the ability to explain technical concepts to non-technical audiences.  Ability to leverage communication skills to ensure a strong commitment to customer service.

• Detail-Oriented: Strong attention to detail and consideration of the non-technical components necessary for successfully executing projects and initiatives.

• Adaptability: Ability to balance multiple competing prioities in a fast-paced environment.

• Minimal Supervision: Ability to work and make decisions independently with a positive and self-motivated drive. Ability to exercise sound judgement in complex situations.

Additional Requirements:

• Continuous Learning: Commitment to staying current with industry trends and pursuing relevant certifications and training.

• Travel: Willingness to travel occasionally to support network installations or upgrades at remote locations.

This role is ideal for a motivated cloud security engineer looking to provide technical leadership in support of the organization’s growth and continued expansion of operating business services across multiple, integrated cloud environments.  This role is vital in establishing cloud security solutions that protect these business operations and support the growth and direction of the organization. If you are passionate about cybersecurity and eager to grow in a fast-paced, collaborative environment, we encourage you to apply.

Physical & Office/Site Presence Requirements:

This is primarily a sedentary office position which requires the incumbent to have the ability to operate computer equipment, speak, hear, bend, stoop, reach, lift, and move and carry up to 25 lbs. Finger dexterity is necessary. 10-20% of travel is required.

This description outlines the basic responsibilities and requirements for the position noted. This is not a comprehensive listing of all job duties of the Associates. Duties, responsibilities and activities may change at any time with or without notice.

Life at Lennar

At Lennar, we are committed to fostering a supportive and enriching environment for our Associates, offering a comprehensive array of benefits designed to enhance their well-being and professional growth. Our Associates have access to robust health insurance plans, including Medical, Dental, and Vision coverage, ensuring their health needs are well taken care of. Our 401(k) Retirement Plan, complete with a $1 for $1 Company Match up to 5%, helps secure their financial future, while Paid Parental Leave and an Associate Assistance Plan provide essential support during life's critical moments. To further support our Associates, we provide an Education Assistance Program and up to $30,000 in Adoption Assistance, underscoring our commitment to their diverse needs and aspirations. From the moment of hire, they can enjoy up to three weeks of vacation annually, alongside generous Holiday, Sick Leave, and Personal Day policies. Additionally, we offer a New Hire Referral Bonus Program, significant Home Purchase Discounts, and unique opportunities such as the Everyone’s Included Day. At Lennar, we believe in investing in our Associates, empowering them to thrive both personally and professionally. Lennar Associates will have access to these benefits as outlined by Lennar’s policies and applicable plan terms. Visit Lennartotalrewards.com to view our suite of benefits.

Join the fun and follow us on social media to see what's happening at our company, and don't forget to connect with us on Lennar: Overview | LinkedInhttps://www.linkedin.com/company/lennar/> for the latest job opportunities.

Lennar is an equal opportunity employer and complies with all applicable federal, state, and local fair employment practices laws.