Description

Required skills

  • Accountable for translating private cloud implementation into a well-defined blueprint that uses Cloud Security Products to enhance  IT security. Understands the vision and enabler to autonomously cater to user needs.
  • In-depth knowledge of system design and architecture with the technologies and experience implementing a wide range of solutions
  • Delivered hybrid cloud architectures that are secure, resilient, scale and adhere to best-practice procedures. (AWS, Microsoft Azure, GCP)
  • Deep understanding of cloud computing principles, including virtualization, containerization, microservices, and serverless computing; Risk Management, RHCOS security, container security, Kubernetes security, IAM security, network security, auditing, encryption, secrets management and data protection, securing CI/CD
  • Manage the selection and architecture of cloud security tools and controls, including existing enterprise tools that can extend into the cloud, cloud-native security controls and third-party offerings.
  • Develop IAM architectures where Identity becomes the new perimeter and moves defenses from static, network-based perimeters to focus on users, assets, and resources. (IGA, IDaaS, PAM, MFA)
  • Advances knowledge of Identity Security concepts, least-privilege, separation of duties, and Zero trust design principles.
  • Experience with IAM Policy ‘as code’ ; OPA – Open Policy Agent (Styra Enterprise version of OPA); Cedar – Aws opensource policy agent
  • Ability to be a technically strong individual with an IT Security background who has demonstrated skill in managing product teams; solid understanding of how IT Security enhances Digital Transformation and identifies new ways of helping bring new business solutions to market while remaining secure
  • Leading a team of IAM, network structuring, and enhancing the self-service experience.
  • Act as a Thought Leader to stakeholders such as CISOs and executive sponsor with regards to emerging technologies and market trends
  • Accountable for customer orientated communications plan, focusing on strategic business value
  • Work closely with the project team, CISO to manage and govern security forums with CISOs, NITSOs, CIOs and CTOs

Frameworks:

  • ISO 27001, NIST CSF, NIST SSDF, CIS controls, OWASP Top 10, SAMM, GDPR, SOX type 1 & 2, TOGAF

Qualifications:

  • Minimum 15 years of qualified experience
  • Bachelor's degree in computer science(s), information technology/security, systems engineering or relevant work experience
  • Good to have Professional certifications in information technology and cloud security -- CISSP preferred CISM (optional), CCSP (optional), CISA (optional), CEH (optional), OSCP (optional); Architect Certification,


 

Education

Bachelor's degree