What if you could build a career where ambition meets innovation? At LPL Financial, we empower professionals to shape their success while helping clients pursue their financial goals with confidence.
What if you could have access to cutting-edge resources, a collaborative environment, and the freedom to make an impact? If you’re ready to take the next step, discover what’s possible with LPL Financial.

WHAT ARE WE LOOKING FOR?

We want strong collaborators who can deliver a world-class client experience. We are looking for people who thrive in a fast-paced environment, are client-focused, team oriented, and are able to execute in a way that encourages creativity and continuous improvement.

REQUIREMENTS:

• 5+ years of Cloud experience specifically working with AWS and Azure environments
• 5+ years of experience managing and using Cloud Security Posture Management and External Attack Surface Management scanning tools such as Wiz, XPanse, Prisma, Laceworks, Orca
• 5+ years of experience with reviewing, analyzing, managing, and remediating security vulnerabilities and misconfigurations in cloud resources
• 1+ years of experience specifically working with Infrastructure as Code (Terraform) and helping to secure automated Cloud deployment pipelines
• 1+ years of experience using Cloud Security and IAC scanning tools

• Develop and implement an end-to-end process for managing cloud vulnerabilities, misconfigurations, and external exposures
• Implement and maintain appropriate controls within the CI/CD pipelines used to deploy cloud resources to ensure that resources are securely designed and deployed
• Review Infrastructure as Code scripts and code repositories using Terraform to identify potential security issues or noncompliance with coding best practices
• Implement and maintain tools to perform automated security scanning/analysis of Infrastructure as Code, containers, and serverless functions
• Review, implement, and maintain cloud security posture management policies to identify misconfigurations or vulnerabilities in cloud resources
• Develop and maintain a framework for assessing and prioritizing cloud security and external attack surface management alerts based on risk
• Work with appropriate remediation teams to prioritize remediation efforts, review potential false-positives and evaluate potential mitigating factors
• Automate the communication of cloud security and attack surface management alerts to remediation stakeholders for actioning by configuring integrations with issue tracking tools
• Produce and track routine reports/metrics on cloud vulnerabilities and misconfigurations
• Partner with Security Engineering to implement and manage Cloud Security Posture Management tools to perform automated security scanning/analysis of cloud resources, including containers and serverless functions
• Implement and manage external attack surface management tool policies
• Monitor and review CVEs, industry developments, and provide inputs for continuous improvement
• Work with Internal Audit, IT Governance, IT Compliance and other key stakeholder groups on specific projects to ensure compliance with applicable regulatory requirements
• Act as an SME in the area of Cloud Security and external attack surface management