Accountable for translating private cloud implementation into a well-defined blueprint that uses Cloud Security Products to enhance IT security. Understands the vision and enabler to autonomously cater to user needs.
In-depth knowledge of system design and architecture with the technologies and experience implementing a wide range of solutions
Delivered hybrid cloud architectures that are secure, resilient, scale and adhere to best-practice procedures. (AWS, Microsoft Azure, GCP)
Deep understanding of cloud computing principles, including virtualization, containerization, microservices, and serverless computing; Risk Management, RHCOS security, container security, Kubernetes security, IAM security, network security, auditing, encryption, secrets management and data protection, securing CI/CD
Manage the selection and architecture of cloud security tools and controls, including existing enterprise tools that can extend into the cloud, cloud-native security controls and third-party offerings.
Develop IAM architectures where Identity becomes the new perimeter and moves defenses from static, network-based perimeters to focus on users, assets, and resources. (IGA, IDaaS, PAM, MFA)
Advances knowledge of Identity Security concepts, least-privilege, separation of duties, and Zero trust design principles.
Experience with IAM Policy ‘as code’ ; OPA – Open Policy Agent (Styra Enterprise version of OPA); Cedar – Aws opensource policy agent
Ability to be a technically strong individual with an IT Security background who has demonstrated skill in managing product teams; solid understanding of how IT Security enhances Digital Transformation and identifies new ways of helping bring new business solutions to market while remaining secure
Leading a team of IAM, network structuring, and enhancing the self-service experience.
Act as a Thought Leader to stakeholders such as CISOs and executive sponsor with regards to emerging technologies and market trends
Accountable for customer orientated communications plan, focusing on strategic business value
Work closely with the project team, CISO to manage and govern security forums with CISOs, NITSOs, CIOs and CTOs
Frameworks:
ISO 27001, NIST CSF, NIST SSDF, CIS controls, OWASP Top 10, SAMM, GDPR, SOX type 1 & 2, TOGAF
Qualifications:
Minimum 15 years of qualified experience
Bachelor's degree in computer science(s), information technology/security, systems engineering or relevant work experience
Good to have Professional certifications in information technology and cloud security -- CISSP preferred CISM (optional), CCSP (optional), CISA (optional), CEH (optional), OSCP (optional); Architect Certification,