Security Engineer (Cloud)

About Nintendo of America:From the launch of the Nintendo Entertainment System more than 30 years ago, Nintendo's mission has been to create smiles through unique entertainment experiences. Here at Nintendo of America Inc., we deliver on this mission by partnering closely with Nintendo Co., Ltd., to bring Nintendo's iconic and cherished franchises includingMario, Donkey Kong, The Legend of Zelda, Metroid, Animal Crossing, PikminandSplatoonacross the Americas through our video games, hardware systems, and collaborations with partners on a range of other entertainment initiatives like feature films and theme parks.

Based in Redmond, Wash., Nintendo of America serves as headquarters for Nintendo's operations in the Americas. We are an equal opportunity employer offering a welcoming and inclusive environment in service to one another, our products, and the diverse consumers and communities we call home. For more information about Nintendo, please visit the company's website athttps://www.nintendo.com/.

Team Summary: This role is within Nintendo of America (NOA)'s IT Risk & Security department, whose functions include managing compliance governance, risk management governance, security governance and disaster recovery/business continuity governance. We also define, develop, and manage Information Security at NOA while coordinating with global security teams.

Description of Duties:

• Partners with the Cloud Platform team to define, implement, and continuously improve cloud security architecture and standards, ensuring secure-by-design patterns are embedded across cloud services and workloads.
• Provides security engineering guidance for cloud platform capabilities, including identity, network segmentation, logging, monitoring, and workload protection, to enable secure and scalable cloud adoption.
• Performs risk assessments, vulnerability management, penetration testing and remediation recommendations for cloud-based technologies and applications.
• Works closely with engineering teams to proactively identify and fix security flaws and vulnerabilities.
• Works with analysts to define the functional and technical needs of an organization and recommends solutions.
• Assesses available technologies to meet needs, defines technical specifications and designs.
• Develops and modifies technology systems, addressing functional, performance, security, quality, operations, and monitoring needs.
• Deploys and integrates system monitoring and detections for malicious activity for cloud environments with existing SIEM solution.
• Works with IT Teams to grow and implement organizational security standards and provide security recommendations for services.
• Participates in infrastructure and application architecture reviews and management, as well as provides guidance on security best practices and recommendations.
• Performs analysis of security events and logs.
• Performs security reviews of existing network infrastructure deployments to identify security gaps or vulnerabilities and recommend and prioritize remediation actions.
• Engages in incident response activities.
• Provides guidance on data analysis and reporting including use of complex analysis or machine learning.
• Integrates and builds upon existing automation, security operations, and monitoring systems.
• Ensures work is completed in such a way to comply with established compliance and other internal controls.

Summary of Requirements:

• Minimum of four (4) years of related experience in various security development technologies and practices.
• Professional experience with an architectural understanding of network security and application security.
• Experience with work on complex issues where analysis of situations or data requires an in-depth evaluation of variable factors.
• Strong knowledge of networking concepts, protocols (TCP/IP, HTTP, DNS, TLS) and technologies including firewalls, TLS, IDS/IPS system, cryptographic systems, identity management systems, RADIUS, etc.
• Experience with programming/scripting (Python/Perl/bash/etc.).
• Strong understanding of networking topologies and protocols.
• Experience working in multiple security domains with a focus on risk-based analysis of anomalies, detection and response.
• Proven experience with work on complex security issues where analysis of situations or data requires an in-depth evaluation of variable factors.
• Undergraduate degree in Computer Science, a related field, or equivalent.
• Experience with responding to and management of security incidents, improving mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR) through process optimization and automation.
• Understanding of cloud security tooling and technologies (AWS, Wiz preferred)

Applicants must be legally eligible to work in the United States to be considered. Visa sponsorship is not available for this role.

This position is HYBRID in Redmond, WA. Hybrid positions require regular onsite work following the schedule and guidelines for their division.This position is not open to fully remote status at this time. Relocation assistance may be available.