This includes the management of core cloud security products and infrastructure components across domains including Cloud Native Security, Application & Host Security, Infrastructure Defense, and Vulnerability Assessments.
The candidate will work closely with the Security Operations Center to engineer and build appropriate solutions to identify, analyze, and respond to threats in the cloud.
As a subject matter expert, the candidate is also expected to identify opportunities to improve cloud security architecture and capabilities, designing and driving changes to meet corporate and regulatory requirements to achieve targeted goals.
He or she should also have customer-facing skills to manage both internal and external customers well and drive discussions with management, as well as a sound technical background to engage the Technology teams.
- Apply adept understanding and experience with various cloud technologies and systems automation platforms, and partake in efforts that shape the organization's security policies and standards for use in cloud environments.
- Direct and influence multi-disciplinary teams in implementing and operating cloud security controls, including interpreting security and technical requirements and communicating security risks to relevant stakeholders.
- Oversee the end-to-end life cycle of any cloud security implementation and execute the on-boarding of new and existing cloud security solutions into the security infrastructure.
- Work with the security operations teams and red teams to design and develop appropriate cloud security monitoring solutions, which will include understanding attacks through attack trees and recognizing threats via indicators.
- Educate and advise business and technical leaders on the development, delivery, and management of cloud security solutions.
- Responsible for the engineering/re-engineering and oversight of operational and business processes and documentation while developing measurement and improvement processes to continuously drive service maturity.
- Periodically evaluate existing systems and capabilities to ensure effectiveness.
Experience and qualifications:
- 4+ years of experience in administration or use of various cloud providers (e.g. AWS, Azure, GCP, etc.) and cloud security products such as CASB, CWPP, CSPM, CNSP, etc.
- Practical knowledge of AWS cloud security services like CloudTrail, GuardDuty, IAM, etc. is a plus.
- Knowledge of MITRE ATT&CK and Cyber Kill Chain methods and other similar frameworks is a must; knowledge of regular expressions, automation, and scripting is an asset.
- Security certifications like CISSP, AWS SA, etc. are a plus.
- Demonstrates ability to operate in diverse environments and cultures and enjoys working in a challenging and fast-paced environment.
- Ability to provide on call support when needed.
- Good discipline in timely submission and reporting of key metrics and status.
- Strong communication and presentation skills to wide and diverse audiences.
EA Licence No: 11C5502 | EAP Registration No.: R22104910
