$80K — $100K *
Please review the following job description:
As an advisor in the Truist Cloud Security Advisory Services group, you will be responsible for the continuous integration of the cloud security strategy and governance framework for the Truist cloud program. This role works with multiple stakeholders in first and second line defenses to ensure that all cloud initiatives adhere to cloud security standards and approved architecture patterns.
Serve as a cloud security SME for high visibility cloud initiatives.
Collaborate with multiple security stakeholders, including Architecture, Engineering, and Operations to determine organizational standards and security controls.
Partner with Divisional CISOs to properly assess and communicate risks to cloud deployments.
Champion the "shift-left" of security by working with DevOps teams to implementing security and compliance into CI/CD pipelines.
Lead remediation efforts of cloud risks and vulnerabilities.
Test and assess new cloud services to determine the inherent risk introduced to the organization along with the development safeguards and baseline controls.
Minimum of 5 years of IT security focused experience
Minimum of 3 years working with/implementing cloud solutions such as Azure, AWS, O365
Subject matter expertise in multiple domains, including cloud security, web security, and mobile security
Expertise in cloud architecture and security fundamentals including containers, software-defined networks, high availability design, multi-cloud, and serverless compute.
Experience working with cloud security management / governance tools, cloud services, cloud access security brokers and 3rd party hosted services.
Knowledge of risk management standards and procedures.
Highly effective in developing and communicating audience appropriate information to technical, management, and executive audiences.
Proven ability to build and maintain strong enterprise relationships with internal and external teams/resources.
Prior experience that includes successful design, implementation and operation of enterprise information security service capabilities and functions in large scale, technically complex organizations.
In-depth experience with enterprise security controls including malware, protection, firewalls, intrusion detection systems, content filtering, internet proxies, encryption controls, and log management solutions.
Ability to work as part of a team and independently with limited supervision.
Ability to prioritize work and meet deadlines.
Ability to lead, mentor, and train others.
Deep knowledge of cloud operational models and secure SaaS architecture in a world of containerized microservices.
Experience in a highly regulated industry sector (e.g. Government, Energy, Carrier-Telecommunications)
IT security or Cloud certifications are preferred, to include, but not limited to: CISSP, CCSP, CCSK, Certified Cloud Professional/Architect, Azure Security Certifications
Knowledge of compliance requirements for industry standard certifications like PCI DSS, SOC2, HIPAA, FedRAMP
Valid through: 7/16/2020