Role Value Proposition:
This role serves as a key member of the cloud security team, within IT Risk and Security, focusing on security controls for the cloud environment. The primary focus will be securing cloud technologies, ensuring systems are properly implemented, appropriate processes are developed, and daily monitoring and alerts are managed. This role must have a strong understanding of, and experience with, various IaaS, PaaS, and SaaS platforms, identifying and eliminating risks in these environments.
- Partner with architecture, engineering, application, security, and operational staff to identify and drive resolution on Cloud security projects and issues
- Conduct Security reviews and recommendation for IaaS, PaaS, & SaaS Cloud environments
- Monitor cloud services to ensure the latest security improvements can be implemented.
- Remediate issues around misconfigurations that might arise out of improper coding practices.
- Keep up to date and learn new technologies/Cloud Platforms and ability to understand how security controls are implemented in the Cloud.
- Evaluate Network Security and Encryption protocols and make recommendations
- Interface with vendors to ensure the appropriate tools, configurations, and workflows are in place
- Develop data protection proposals using Data loss prevention (DLP), Data discovery / classification, and digital rights management (DRM) tools.
Essential Business Experience and Technical Skills
- 5+ years in information Security domains
- 2+ Years of Experience with any of the major public Cloud platforms (AWS/Azure/GCP) and ability to translate different security domains into controls at different layers within the cloud.
- 2+ Years Experience with cloud security technologies, processes, and best practices.
- 1+ years of Experience in one or more of the scripting tools (Python, Terraform, Powershell).
- 2+ Years of experience with Design and implementing Cloud Native Security controls.
- 2+ years of Experience with Active Directory/Azure Active Directory.
- Industry recognized cloud security certification (CCSP, CCSK, CCC-PCS, etc.)
- Industry recognized information security and/or cloud certification (CISSP)
- Cloud Access Security Broker (CASB)
- Strong ability to communicate to stakeholders with various levels of expertise
- Strong record of success in supporting large scale programs, preferably in a global organization.
- Excellent verbal and written communication skills
- BA/BS degree in related field