When you click 'Apply', you will need to click on 'Create Account'. By creating an account, you will be able to view your applications and their statuses. Your password must contain 8 characters, 1 upper case letter, 1 number and 1 special character. Please make sure your name is formatted correctly and not in all uppercase.
Check It Out!
Ready to be a Cooper too? This might just be right up your alley!
We’re here to keep the dream of home ownership alive. Oh, and while we’re at it, we’re determined to change the lending industry itself. It’s simple, but it won’t be easy. And we’ll need a great team behind us. (That’s where you come in.) We want to show the world that transparency, candor and collaboration aren’t just good values. They’re good business. Working here isn’t for people who want to punch a clock. It’s for people who want to punch a hole in the status quo. Come join us. And make a difference instead of just a living.
The Principal Cloud Security Engineer position reports to the Information Security VP and is a key member of the Global Information Security team supporting the Engineering and Infrastructure Technology organizations.
The ideal candidate should have experience with multiple cloud (e.g. AWS, Azure, GCP) services; DevOps practices such as container security, secure SDLC/DevSecOps practices, automating security processes in a CI/CD pipeline. This position is an individual contributor/ SME in support of various public cloud initiatives, and is a key business enabler to provide information security risk analysis and strategic recommendations for the ongoing improvement of Information Security within Mr. Cooper’s public cloud environments.
Roles & Responsibilities:
- Consult on, and provide requirements for critical projects and initiatives to integrate cybersecurity into the organizational adoption of public cloud
- Partner with IT Engineering & Operations team leads to create, implement, and apply DevSecOps principles and processes that are consumed by various IT engineering and operational delivery teams.
- Develop formalized security requirements and translate into DevSecOps initiatives by providing objective ideas and formalized requirements
- Develop and execute Information Security strategies to proactively identify and drive remediation of public and hybrid cloud risks
- Develop and manage program metrics and performance through tracking/reporting and active engagement with stakeholders for continuous service improvement
- Act as point of contact to executive leadership for managing, and driving remediation of information security risk within for public cloud environments
- Improve the efficiency of information security processes and advance the effectiveness of the information security controls of the operating model
- Work with information security and DevOps teams in presenting recommendations for improvement to cloud security.
- Bachelor's degree or equivalent experience required
- At least 5 years of experience in information security or information technology management, and at least 2 years of experience in Cloud security, including assessment, audit, and remediation
- Excellent problem solving abilities and analytical skills. Ability to see the big picture with high attention to critical details
- Results oriented, is able to achieve desired outcomes independently and at appropriate priority levels
- Has a track record of effectively managing multiple tasks in a dynamic environment
- Ability to work under pressure, meet challenging deadlines
- Demonstrated ability to work effectively both as part of a team and independently
- Effective communicator; has excellent writing and verbal skills
- Has the ability to influence others and shape the desired outcome in areas outside of direct control
- Demonstrated ability to develop and implement process improvement initiatives.
- Generalist with a technical background in IAM, Logging/monitoring, operating systems, security technologies, and network architectures
- Direct hands-on experience in securing public cloud providers, such as Amazon AWS, Azure, and GCP
- Working knowledge of Agile, or DevSecOps SDLC methodologies
- Working knowledge of GIT, Azure Compliance Manager, Cloud Formation, Terraform, and other Agile CI/CD tooling
- Experience with container security and orchestration of web services (Docker, Puppet, etc.)
- Working knowledge of key cybersecurity technologies such as: firewalls, intrusion detection system (IDS), content filtering, end-point protection (AV, EDR, MDM), data loss prevention (DLP), encryption, threat & vulnerability management (TVM), and security information and event management (SIEM)
- Experience and understanding of information security and financial regulatory compliance requirements, such as NYDFS, CCPA, Sarbanes-Oxley Act (SOX)
- Knowledge of common information security management frameworks, such as ISO/IEC 27001/2, COBIT, and NIST, including SP800-53 and the Cloud Security Alliance (CSA).
- Professional Certifications attained or strong desire to acquire: CISSP, CCSP, CISA, CISM.
- Cloud Computing certifications such as CCSK, AWS CSA, MCSA/MCSE Cloud Platform, and GCP a plus
Mr. Cooper is committed to nurturing a diverse and inclusive environment where every employee is empowered to be their authentic self. We know that a large part of our success as a business is directly tied to our ongoing efforts to attract and retain diverse talent and maintain an inclusive environment where each employee can thrive. Embracing and leveraging diversity through an inclusive work environment fosters new ideas, new insights, and constant innovation. We strive to weave the principles of diversity and inclusion throughout the fabric of how we work, how we interact, and how we engage with our customers and the community.
Job Requisition ID:
Primary Location City:
Primary Location Region:
Primary Location Postal Code:
Primary Location Country:
United States of America
Line of Business:
Additional Posting Location(s):
This position reports to an Information Security VP and is a key member of the Global Information Security team supporting the Engineering and Infrastructure Technology organizations.
Ideal candidate should have experience with multiple cloud (e.g. AWS, Azure, GCP) services; DevOps practices such as container security, secure SDLC/DevSecOps practices, automating security processes in a CI/CD pipeline. This position is an individual contributor/ SME in support of various public cloud initiatives, and is a key business enabler to provide information security risk analysis and strategic recommendations for the ongoing improvement of Information Security within Mr. Cooper’s public cloud environments.