You have 8+ years of prior experience in IT in network security, information security and infrastructure in a high-tech environment.
5+ years architecting and implementing security and DevSecOps on public cloud solutions (AWS or Google Cloud Platform).
Work experience as a Cloud Security Architect or similar role in a cloud native environment.
Deep hands-on experience leading the design and deployment of technology infrastructure and associated security controls.
Experience in solutions for data security, data masking, data classification, data anonymization.
Responsibilities:
Provide domain expertise around public cloud and enterprise technology.
Configure, implement, monitor, and support network security software/systems that will help ensure compliance with CSA Cloud Controls Matrix in cloud environments (AWS/AzureP).
Update security tools for logging/monitoring and growing coverage of existing tools.
Make recommendations to management on enhancements to existing and new security software or related tools.
Assist in evaluating, planning and implementation of new/existing security applications/tools that integrate with current tool sets.
Help implement and maintain next-generation enterprise protection tools and malware detection technologies.
Ensure security standard methodologies are identified and integrated into all facets of projects including network, system designs/configuration and implementations.
Make recommendation on secure integration strategies, global enterprise architectures and application infrastructure based on best practices.
Develop security architecture strategies that align to enterprise architecture strategy and that of the business strategy for cloud.
Develop in depth security architecture standards, frameworks and design patters spanning all layers of security in the cloud from host, server and network to application and data security.
Contributes to the development and implementation of security technology solutions for complex environment and architecture.
Analyzes business impact and exposure based on emerging security threats, vulnerabilities and risk and recommends solutions to mitigate them.
Perform audits and vulnerability assessments.
Develop, perform, and analyze vulnerability assessments and penetration tests using generally accepted tools, and recommend remediations.
Review and enhance security policies that cover cloud platforms.
Perform IT risk assessments, incident investigations, root cause analyses, and forensics.
Partner with internal teams to ensure successful security and compliance programs that align with client and regulatory compliance requirements.
Evaluate risks that the applicable vulnerabilities pose to the organization and understand the technical implementation details in order to assess and recommend security control improvements or identify mitigating controls.
Assist with remediation of control deficiencies identified during the audit process.
Develop incident response process that effectively prioritizes by highest risk.
Develop technical solutions to help mitigate security vulnerabilities.
Perform security engineering for complex, multi-platform systems, datacenters, Google Cloud Platform and multi cloud environments.
Participate in the Security Incident Response Team (SIRT) activities, helping SIRT to detect, respond, contain, eradicate and recover from security incidents in a timely manner, within the Cloud Operations and Corporate IT environments