Job Description
Implement and maintain security controls for cloud environments (Azure, AWS, GCP).

Monitor cloud workloads for vulnerabilities and compliance gaps.

Support secure migration and integration of cloud services during business transitions.

Support in the maintenance and implementation of enterprise-wide cybersecurity policies, standards, and procedures aligned with business objectives.

Oversee security risk assessments, communicate and address mitigations while ensuring the organization's cybersecurity risk posture

Ensure compliance with regulatory requirements and industry standards (SOC 2, ISO 27001, NIST, etc.)

Collaborate with IT and business stakeholders to embed "security by design" principles.

Be the primary liaison between incident response efforts and coordinate with IT teams during security events

Understand how to manage security tools including firewalls, SIEM, endpoint protection, and access controls

Assist with regular security audits, vulnerability assessments, and penetration testing

Track and report security metrics and KPIs to leadership

Support the third-party vendor security assessments process

Partner with business units to integrate security best practices into daily operations

Serve as the subject matter expert for security-related questions

Design and implement security controls across multi-cloud environments (AWS, Azure, GCP)

Conduct cloud security assessments and risk analyses for new cloud initiatives

Establish and maintain cloud security baselines and configuration standards

Design secure network segmentation strategies for business applications

Understand and support the zero-trust network architecture principles

Serve as primary security liaison for assigned business units

Translate technical security requirements into business-friendly language

Understand and drive security roadmaps aligned with business transformation goals

Qualifications:

Bachelor's degree in Cybersecurity, Information Technology, or related field

Relevant certifications (CISSP, CISM, CISA, or equivalent)

6+ years of experience in cybersecurity and risk management

Strong understanding of security frameworks, threat landscapes, and business operations

Ability to work independently and drive initiatives with minimal supervision

Strong knowledge of cloud security frameworks (CIS, NIST, ISO 27001) and network security principles