The AES Cyber Security Team is looking for a Cloud Security Manager to provide hands on leadership in defining cloud security strategy and requirements; and then implementing our cloud continuous monitoring solution. This solution will be used to measure and enforce AES’s security policies and detect threats across both GCP And Azure. This candidate will work across our Cloud Center of Excellence, Security Engineering, Security Architecture, Incident Response, and Governance, Risk, and Compliance functions in the implementation of the solution.
- Manage a small team of security analysts through a direct or matrixed environment
- Develop company Cloud security strategy for IaaS, PaaS, and SaaS
- Be the subject matter expert for various teams to rely on vis-a-via cloud security
- Design and implement cloud security continuous monitoring solution
- Responsible for technical development/testing standards within the team
- Work with the Cloud owners to understand Cloud vision and requirements
- Work closely with the Strategic Business Units, Cloud Center of Excellence, Security Architecture, and Governance teams to codify security policies across the AES GCP and Azure environments
- Assist in developing automated runbooks to remediate policy findings
- Bring a passion to stay on top of latest technologies; identify and lead the team through opportunities to improve our cloud security portfolio with latest technology as appropriate
- 5+ years development experience with programming languages such as Python, Go, Java, etc.
- 3+ years’ experience developing tools on, or hardening of, Azure or GCP platforms
- Experience with software build, deployment, and configuration technologies
- Ability to pick up new technologies and languages quickly as projects require
- Strong problem-solving skills
- Good personal communication skills are vital
- Information Systems, Computer Science Bachelor's Degree OR equivalent experience
- Experience working with Information Security teams and technologies
- Experience working with cloud continuous monitoring solutions
- Experience with security related regulatory requirements in the cloud such as NIST, NERC-CIP, PCI, etc.