Description

Requirements:

  • You have 8+ years of prior experience in IT in network security, information security and infrastructure in a high-tech environment.
  • 5+ years architecting and implementing security and DevSecOps on public cloud solutions (AWS or Google Cloud Platform).
  • Work experience as a Cloud Security Architect or similar role in a cloud native environment.
  • Deep hands-on experience leading the design and deployment of technology infrastructure and associated security controls.
  • Experience in solutions for data security, data masking, data classification, data anonymization.

Responsibilities:

  • Provide domain expertise around public cloud and enterprise technology.
  • Configure, implement, monitor, and support network security software/systems that will help ensure compliance with CSA Cloud Controls Matrix in cloud environments (AWS/AzureP).
  • Update security tools for logging/monitoring and growing coverage of existing tools.
  • Make recommendations to management on enhancements to existing and new security software or related tools.
  • Assist in evaluating, planning and implementation of new/existing security applications/tools that integrate with current tool sets.
  • Help implement and maintain next-generation enterprise protection tools and malware detection technologies.
  • Ensure security standard methodologies are identified and integrated into all facets of projects including network, system designs/configuration and implementations.
  • Make recommendation on secure integration strategies, global enterprise architectures and application infrastructure based on best practices.
  • Develop security architecture strategies that align to enterprise architecture strategy and that of the business strategy for cloud.
  • Develop in depth security architecture standards, frameworks and design patters spanning all layers of security in the cloud from host, server and network to application and data security.
  • Contributes to the development and implementation of security technology solutions for complex environment and architecture.
  • Analyzes business impact and exposure based on emerging security threats, vulnerabilities and risk and recommends solutions to mitigate them.
  • Perform audits and vulnerability assessments.
  • Develop, perform, and analyze vulnerability assessments and penetration tests using generally accepted tools, and recommend remediations.
  • Review and enhance security policies that cover cloud platforms.
  • Perform IT risk assessments, incident investigations, root cause analyses, and forensics.
  • Partner with internal teams to ensure successful security and compliance programs that align with client and regulatory compliance requirements.
  • Evaluate risks that the applicable vulnerabilities pose to the organization and understand the technical implementation details in order to assess and recommend security control improvements or identify mitigating controls.
  • Assist with remediation of control deficiencies identified during the audit process.
  • Develop incident response process that effectively prioritizes by highest risk.
  • Develop technical solutions to help mitigate security vulnerabilities.
  • Perform security engineering for complex, multi-platform systems, datacenters, Google Cloud Platform and multi cloud environments.
  • Participate in the Security Incident Response Team (SIRT) activities, helping SIRT to detect, respond, contain, eradicate and recover from security incidents in a timely manner, within the Cloud Operations and Corporate IT environments