Security Consultant

We are seeking an experienced Cloud Security Consultant to help design, implement, and enhance security controls for the Business Enablement Layer. This role will focus on key areas such as Identity and Access Management (IAM), Cloud Security, and Infrastructure/Application Security. The ideal candidate will be a strategic thinker and technical expert who can provide guidance on cloud security best practices, architecture, and secure configurations to ensure business enablement while mitigating risks.

Key Responsibilities:

• Cloud Security Architecture:
• Design and implement robust cloud security frameworks for infrastructure, applications, and data in both public and private cloud environments (AWS, Azure, GCP).
• Implement security best practices, controls, and standards to ensure that cloud-based assets remain secure.
• Identity and Access Management (IAM):
• Lead the design, implementation, and management of IAM solutions to ensure that appropriate authentication and authorization mechanisms are in place.
• Work with teams to integrate IAM services with cloud platforms and other business systems to ensure secure user access and identity lifecycle management.
• Infrastructure & Application Security:
• Collaborate with development and operations teams to ensure secure coding practices and vulnerability management are in place for both infrastructure and applications.
• Implement and monitor infrastructure-level security measures, including firewalls, encryption, and intrusion detection systems.
• Security Policies & Governance:
• Define and implement security policies, procedures, and controls to maintain regulatory compliance (e.g., GDPR, HIPAA, SOC2) and industry standards.
• Conduct security assessments, risk assessments, and audits for business enablement layers, ensuring that potential security threats are mitigated early.
• Collaboration & Consultation:
• Work closely with IT, development, and business teams to design and implement security solutions that align with organizational objectives and ensure secure business enablement.
• Provide expert guidance on security-related aspects of cloud solutions, advising on best practices and industry trends.
• Incident Management & Response:
• Monitor security events, analyze incidents, and implement corrective actions to resolve vulnerabilities and improve security posture.
• Participate in security incident investigations, providing technical expertise and recommending remedial actions.
• Continuous Improvement:
• Stay updated on emerging security threats, cloud security trends, and best practices.
• Recommend and implement security improvements and innovations for evolving business needs.

Required Skills & Qualifications:

• Technical Expertise:
• Proven experience in designing and implementing IAM solutions, cloud security, and application/infrastructure security for large, complex environments.
• Hands-on experience with cloud platforms (AWS, Azure, GCP), cloud security services (e.g., IAM, encryption, network security), and security tools (e.g., SIEM, IDS/IPS, vulnerability management tools).
• Expertise in security frameworks, regulations (GDPR, SOC2, NIST), and best practices in cloud environments.
• Knowledge of secure development practices and experience with DevSecOps models.
• Certifications:
• Industry certifications such as CISSP, CCSP, AWS Certified Security Specialty, Azure Security Engineer, or equivalent are highly preferred.
• Analytical & Problem-Solving Skills:
• Strong ability to analyze complex security issues and propose effective solutions.
• Experience with risk assessment and vulnerability management methodologies.
• Communication & Collaboration:
• Ability to communicate complex security concepts to non-technical stakeholders.
• Experience working in cross-functional teams, consulting, and delivering secure solutions for business enablement.

Preferred Qualifications:

• Experience with DevOps and Infrastructure as Code (IaC) security.
• Familiarity with automation and orchestration tools in cloud environments (e.g., Terraform, Ansible).
• Experience working in an offshore or distributed team environment.