- Salary: $90000 - $120000
- Citizenship: Not Provided
- Incentives: Bonus
- Education: Not Provided
- Travel: No Travel
- Telework: Full Telecommute
Role Value Proposition:
This role serves as a key member of the cloud security team, within IT Risk and Security, focusing on security controls for the cloud environment. The primary focus will be securing cloud technologies, ensuring systems are properly implemented, appropriate processes are developed, and daily monitoring and alerts are managed. This role must have a strong understanding of, and experience with, various IaaS, PaaS, and SaaS platforms, identifying and eliminating risks in these environments.
- Partnering with architecture, engineering, application, security, and operational staff to identify and drive resolution on Cloud security projects and issues
- Security reviews and recommendation for IaaS, PaaS, & SaaS Cloud environments
- Ability to continuously monitor cloud services to ensure the latest security improvements can be implemented.
- Ability to remediate issues around misconfigurations that might arise out of improper coding practices.
- Willingness to learn new technologies/Cloud Platforms and ability to understand how security controls are implemented in the Cloud.
- Network Security and Encryption evaluation and recommendations
- Interfacing with vendors to ensure the appropriate tools, configurations, and workflows are in place
- Data protection proposals using Data loss prevention (DLP), Data discovery / classification, and digital rights management (DRM) tools.
Essential Business Experience and Technical Skills:
- 5+ years in information Security domains
- 2+ Years of Experience with any of the major public Cloud platforms (AWS/Azure/GCP) and ability to translate different security domains into controls at different layers within the cloud.
- 2+ Years Experience with cloud security technologies, processes, and best practices.
- 1+ years of Experience in one or more of the scripting tools (Python, Terraform, Powershell).
- 2+ Years of experience with Design and implementing Cloud Native Security controls.
- 2+ years of Experience with Active Directory/Azure Active Directory.
- Industry recognized cloud security certification (CCSP, CCSK, CCC-PCS, etc.)
- Industry recognized information security certification are preferred (CISSP GREM GPEN CASP GSEC CISM CySA etc.)
- Cloud Access Security Broker (CASB)
- Strong ability to communicate to stakeholders with various levels of expertise
- Strong record of success in supporting large scale programs, preferably in a global organization.
- Excellent verbal and written communication skills
- BA/BS degree in related field