Cloud Security Engineer

Position:

1 Lead and manage Hybrid Cloud security operations, providing guidance and direction to ensure operational excellence.

2 Oversee security incident response and mitigation efforts, ensuring quick and efficient handling of security breaches or threats.

3 Develop and implement comprehensive security strategies to safeguard all hybrid Cloud systems.

4 Facilitate incident management processes for security-related issues, ensuring timely resolution and minimization of impact.

5 Conduct regular security assessments and audits to identify vulnerabilities and implement corrective measures.

6 Collaborate with stakeholders to develop security roadmaps and participate in daily standups to align security initiatives with organizational goals.

7 Lead change management processes and ITSM, ensuring security protocols are integrated and adhered to.

8 Foster a culture of continuous improvement in network security operations, including process creation and implementation.

9 Demonstrate a deep understanding of security principles, particularly in isolating issues with machine/user validation.

10 Experience in managing Business Continuity and Crisis Management.

11 Ensuring the security of cloud-based data and applications against unauthorized access, theft, and other threats.

12 Staying up-to-date on the latest cloud security technologies, trends, and best practices.

Key Skills and Knowledge Areas:

- Strong understanding of cloud computing technologies, including:

- Infrastructure as a Service (IaaS)

- Platform as a Service (PaaS)

- Software as a Service (SaaS)

- Knowledge of security frameworks such as:

- ISO 27001

- NIST Cybersecurity Framework

- CIS Controls

- Familiarity with cloud platforms:

- Microsoft Azure

- Amazon Web Services (AWS)

- Google Cloud Platform (GCP)

- Preferred certifications:

- Certified Cloud Security Professional (CCSP)

- Certified Information Systems Security Professional (CISSP)

- Certified Cloud Architect (CCA)

- Experience in developing Cloud Security Frameworks using industry best practices such as:

- Cloud Security Alliance (CSA)

- NIST CSF

- Regulatory requirements like HIPAA, HITRUST, PCI

- Understanding of industry regulatory and compliance requirements:

- FedRAMP

- PCI-DSS

- NIST

- HIPAA

- Skilled at interpreting compliance and security requirements into implementable and repeatable controls.