Sr Cloud Security Engineer

Role & responsibilities:

Conduct security assessments, vulnerability assessments, and penetration tests on systems and applications to identify weaknesses and recommend remediation actions.

• Monitor and analyze security alerts, events, and incidents to promptly detect and respond to threats.

• Manage and maintain security tools and technologies, such as firewalls, intrusion detection/prevention systems, and security information and event management (SIEM) systems. • Proactively monitoring Key Risk Indicators to identify non-compliance and assist in remediation with compensating controls to address security, risk and control gaps.

• Seen as the cloud-security and cloud-compliance SME by the teams you support.

• Participate in incident response activities, including containment, investigation, and recovery, in the event of a security incident.
• Stay updated with cybersecurity threats, vulnerabilities, and industry best practices to ensure the organization remains secure.
• Ability to provide security guidance for physical, virtual, and code infrastructure.
• Provide vendor due diligence reviews, including SOC2 and vendor risk assessments.
• Drive change to improve the overall security posture.
• Ensure the protection of Organization information assets through the technical enforcement of organizational security standards and policies. Job Description
• Ensure technology risk impacting the business is effectively identified, quantified, communicated, and managed, including recommendations for resolution and identifying the root cause.
• Serve as a point of escalation and subject matter expert for IT Risk and Cyber domains, including vulnerability management, data protection, cloud and application security.
• Collaborate with team members and stakeholders on firm-mandated audits and take responsibility in performing the required reviews associated with the audit.
• Review IAM control standards, objectives in regular basis and perform access reviews associated with it
• Be the trusted advisor to ensure security of designs and blueprints for application architectures and cloud platforms.
• Design and maintain automated workflows to streamline security operations.

• Establish solid relationships with other teams and provide advisement as needed.

• Build and cultivate a security focused culture through partnership and collaboration with the business and technology teams.

Required Skill's:

Expert understanding of common information security standards and best practices. Experience in Security and regulatory compliance standards and frameworks

• Configure, deploy, and manage enterprise security tools including such as log management (SIEM), antivirus, intrusion prevention, data leak prevention, and application scanning and remediation.

• Researches, analyzes, and formulates recommendations regarding technologies, products, and solutions to fulfill requirements within CACU.

• Solid understanding of system development life cycle (SDLC) and provide security recommendations and oversight.

• Azure Cloud security experience (Preferred 2 years).

• Minimum 3 to 4 years of experience in cloud security

• Hands on experience securing public cloud workloads in a hybrid, corporate environment.

• Security, risk, and compliance experience with Cloud Platforms.

• Knowledge of security controls, configuration management, and vulnerability management in public cloud.

• Solid understanding of firewalls, WAFs, Web Gateways, and IPS

• Excellent problem-solving and analytical skills with the ability to quickly isolate problems, collect data, establish facts, and draw valid conclusions.

• Practical understanding with Agile, ITIL, monitoring, and metric