Vacancy expired!
- Acts as the SME for Cloud Security providing guidance, direction and technical information to other Client technical teams.
- Designs, develops and implements cloud security policies, processes and standards.
- Provides expert consultation to project teams with regards to the application and implementation of Client security policies, procedures, standards and agreed architectures for cloud services.
- Designs, develops, reviews and builds security architectures for public, private, and hybrid Cloud based systems within Amazon Web Services (AWS), Microsoft Azure, or other cloud providers.
- Coordinates and performs security audits on Client Cloud Services to maintain compliance with established security architectures, policies and practices taking into consideration legal and regulatory requirements.
- Proactively identifies vulnerabilities and assess security risks throughout Client Cloud Services to define and implement security controls and measures to protect Client data.
- Recommends, Implements, maintains, and supports security technologies and services used to monitor and protect Client clouds systems and services.
- Recommends and implements cloud security solutions to mitigate, prevent or reduce security exposures and potential security risks.
- Identifies, designs and deploys solutions to secure cloud usage, whether cloud-native or Commercial-Off-The-Shelf (COTS) solutions.
- Assists with the investigation of security incidents, recommends, and implements solutions to remediate or mitigate them.
- Maintains current knowledge of relevant security and privacy trends.
- Managing cryptography and encryption of data in the cloud.
- Designs, develops, or recommends integrated security solutions that will ensure that proprietary and confidential data, systems and services are protected.
- Bachelor's degree or equivalent experience Bachelor of Science degree in Cybersecurity, Information Security, Computer Science, or related field Req
- 7-10 years 7+ years of progressive experience with Cloud Infrastructure (Iaas, Paas, Saas, cloud technology security and with information security in hybrid-cloud environment supporting and maintaining security to protect data and reduce risk. Req And
- 7-10 years 7+ years of experience maintaining and supporting security tools, performing vulnerability and risk assessments including tracking and mitigating findings Req And
- 7-10 years 7+ years of experience implementing and enforcing security policies, standards, guidelines, and procedures in a complex hybrid cloud environment. Pref And
- Requires an Information Security Professional certification such as, but not limited to, CCAK, CCSP, Cloud+, AWS Certified Security Specialty Req Or
- Other professional certifications such as, but not limited to, CISSP, CySA+, PenTest+, CISA, GCLD, GWEB, GCSA, and GPCS are a plus. Req
- Knowledge and understanding of cloud security concepts, technologies, and best practices, including but not limited to, automation and secure containerization frameworks (e.g., Ansible, Terraform, Chef, Salt, Puppet, and Cloud Formation Templates), directory services (e.g., Active Directory, LDAP), SSO, One-Time Passwords (OTP), encryption technologies and forensics in a cloud environment.
- Knowledge of and implementation experience with cloud security technologies, architecture and best practices that includes hands-on experience hardening and security cloud environments.
- Knowledge of and implementation experience with security technologies, including but not limited to, firewalls (WAF or Perimeter) configuration, two factor authentication, PKI, malware and intrusion protection and detection tools.
- Demonstrated knowledge and understanding of information security industry trends and emerging technologies, and an ability to relate them to the company and its objectives.
- Demonstrated experience with vulnerability and risk management, including performing security scans and risk assessments to identify potential vulnerabilities, track the remediation of findings to reduce risks.
- Experience with cloud security, monitoring and auditing tools such as CASB, SIEM, AWS Security Hub, CloudTrail, CloudWatch, GuardDuty, Azure Security & Compliance Center, MS 365 Security & Compliance Center, OCI Cloud Security Monitoring, and Google Cloud Platform Security Command Center.
- Demonstrated experience and understanding of cybersecurity incident management and response procedures — must demonstrate ability to perform and respond well in crisis situations.
- Demonstrated knowledge and understanding of information security standards, guidelines and frameworks such as NIST, COBIT or PCI.
- Experience with maintaining compliance regulatory and legal requirements such as GDPR, PCI.
- Familiarity with application development life cycle models and issues, especially pertaining to security components and impact to cloud services.
- Fluent in one or more programming or scripting languages such as Bash, Powershell, Python, TCL, Java, PHP, Perl, C, and Visual Basic.
- Good verbal and written communication skills — Able to communicate, security and risk implications to technical and non-technical audiences.
- Ability to work independently managing multiple deadlines and deliverables
- Self-motivated and driven, capable of handling problems until resolved within accepted time tolerances — anticipates problems and identifies long-term implications of decisions and actions.
Vacancy expired!