Cloud Security Engineer - CISSP/CCSP Certified (8-12 yrs)

Role and Responsibilities :

- Provide expert level guidance to facilitate the implementation and evolution of secure cloud and container architectures, including robust controls and best practices across various cloud service models such as IaaS, PaaS, SaaS, and hybrid configurations.

- Assist in the evolution of continuous monitoring solutions to validate systems against security baselines, promptly respond to policy violations, and ensure adherence to security standards and compliance requirements.

- Identify, evaluate, and propose innovative technology solutions for cloud and container environments aimed at enhancing process efficiency, automation, security, environment visibility, developer enablement, and streamlining processes.

- Collaborate proactively with developers, system administrators, and IT management to ensure that security controls and processes align with company directives and goals, promoting secure-by-design principles.

- Collaborate with cross-functional teams to design and implement secure cloud architectures, encompassing network security, identity and access management (IAM), data encryption, and other essential security controls.

- Ensure compliance with relevant security standards, regulations, and frameworks (e.g., GDPR, HIPAA, ISO 27001) across all cloud-based initiatives and deployments.

- Explore opportunities to introduce automation and innovative technologies in cloud security processes, aiming to enhance efficiency, reduce manual efforts, and strengthen overall security posture.

- Provide input into the design and deployment of automated security solutions, leveraging expertise to enhance the efficacy and scalability of security measures.

- Provide guidance and training to internal teams on cloud security best practices, emerging threats, and security awareness to foster a culture of security across the organization.

- Analyze the latest attacker techniques and implement solutions to mitigate associated risks, ensuring the resilience of cloud environments against evolving threats.

- Stay abreast of the latest cybersecurity threats and trends, proactively identifying potential vulnerabilities and recommending proactive measures to mitigate risks.

Requirements :

- Bachelor's degree in computer science, Information Technology, or Technology related field. Advanced degree or relevant certifications (e.g., CISSP, CCSP, AWS Certified Security - Specialty) preferred.

- Seven years of experience in one, or a combination, of network, application, cloud, or infrastructure security domain, showcasing a comprehensive understanding of security principles and practices.

- Demonstrated expertise in cloud platforms like AWS, Azure, and Google Cloud, including a deep understanding of security features such as IAM, VPC, Security Groups, and encryption services.

- Strong familiarity with networking concepts, protocols, and security principles, enabling the design and implementation of secure network architectures.

- Demonstrated experience in cloud-native architectures, microservices, and operational best practices in cloud and container orchestration.

- Experience integrating enterprise-scale security solutions in AWS and/or Azure, encompassing user, security, and networking configurations to ensure robust security postures.

- Proficiency in full stack cloud automation using tools like Git, Terraform, Ansible, and Jenkins, with past programming experience, and knowledge of Python is a plus.

- Experience aligning security programs with industry benchmarks and standards such as NIST, CIS, FIPS, PCI DSS, HIPAA, and FIPS 140-2, ensuring adherence to best practices.

- Strong understanding of IT Risk Management, Security Policies and Procedures, Internal Audit, and Compliance Standards. Familiarity with SOC, FFIEC, CSA, and FedRAMP is a plus.

- Excellent communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and capability to communicate technical concepts to non-technical stakeholders.

- Proven ability to work independently, prioritize tasks, and manage multiple projects simultaneously in a fast-paced environment, ensuring timely and efficient completion of objectives.

- Commitment to continuous learning and staying updated on industry developments and emerging technologies, coupled with adaptability to evolving technology environments and requirements.

- Capacity to convey complex ideas effectively, providing definitive direction and guidance on cloud security issues to drive actionable results and mitigate risks effectively.