Job
Description
Cloud security Summary: The Cloud Security Specialist drives security strategy and architecture for our cloud initiatives, combining technical expertise with strategic thinking. They collaborate across teams as a Subject Matter Expert, promoting Everything as Code and empowering teams to tackle cloud security challenges proactively. Role and Responsibilities: Provide expert level guidance to facilitate the implementation and evolution of secure cloud and container architectures, including robust controls and best practices across various cloud service models such as IaaS, PaaS, SaaS, and hybrid configurations. Assist in the evolution of continuous monitoring solutions to validate systems against security baselines, promptly respond to policy violations, and ensure adherence to security standards and compliance requirements. Identify, evaluate, and propose innovative technology solutions for cloud and container environments aimed at enhancing process efficiency, automation, security, environment visibility, developer enablement, and streamlining processes. Collaborate proactively with developers, system administrators, and IT management to ensure that security controls and processes align with company directives and goals, promoting secure-by-design principles. Collaborate with cross-functional teams to design and implement secure cloud architectures, encompassing network security, identity and access management (IAM), data encryption, and other essential security controls. Ensure compliance with relevant security standards, regulations, and frameworks (e.g., GDPR, HIPAA, ISO 27001) across all cloud-based initiatives and deployments. Explore opportunities to introduce automation and innovative technologies in cloud security processes, aiming to enhance efficiency, reduce manual efforts, and strengthen overall security posture. Provide input into the design and deployment of automated security solutions, leveraging expertise to enhance the efficacy and scalability of security measures. Provide guidance and training to internal teams on cloud security best practices, emerging threats, and security awareness to foster a culture of security across the organization. Analyze the latest attacker techniques and implement solutions to mitigate associated risks, ensuring the resilience of cloud environments against evolving threats. Stay abreast of the latest cybersecurity threats and trends, proactively identifying potential vulnerabilities and recommending proactive measures to mitigate risks. Requirements: Bachelors degree in computer science, Information Technology, or Technology related field. Advanced degree or relevant certifications (e.g., CISSP, CCSP, AWS Certified Security Specialty) preferred. Seven years of experience in one, or a combination, of network, application, cloud, or infrastructure security domain, showcasing a comprehensive understanding of security principles and practices. Demonstrated expertise in cloud platforms like AWS, Azure, and Google Cloud, including a deep understanding of security features such as IAM, VPC, Security Groups, and encryption services. Strong familiarity with networking concepts, protocols, and security principles, enabling the design and implementation of secure network architectures. Demonstrated experience in cloud-native architectures, microservices, and operational best practices in cloud and container orchestration. Experience integrating enterprise-scale security solutions in AWS and/or Azure, encompassing user, security, and networking configurations to ensure robust security postures. Proficiency in full stack cloud automation using tools like Git, Terraform, Ansible, and Jenkins, with past programming experience, and knowledge of Python is a plus. Experience aligning security programs with industry benchmarks and standards such as NIST, CIS, FIPS, PCI DSS, HIPAA, and FIPS 140-2, ensuring adherence to best practices. Strong understanding of IT Risk Management, Security Policies and Procedures, Internal Audit, and Compliance Standards. Familiarity with SOC, FFIEC, CSA, and FedRAMP is a plus. Excellent communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and capability to communicate technical concepts to non-technical stakeholders. Proven ability to work independently, prioritize tasks, and manage multiple projects simultaneously in a fast-paced environment, ensuring timely and efficient completion of objectives. Commitment to continuous learning and staying updated on industry developments and emerging technologies, coupled with adaptability to evolving technology environments and requirements. Capacity to convey complex ideas effectively, providing definitive direction and guidance on cloud security issues to drive results and mitigate risks effectively. Senior Security Technical Analyst: Key Responsibilities: SaaS Visibility and Risk Identification Ensure ongoing discovery and classification of SaaS usage across the organization, leveraging CASB and other telemetry to identify unsanctioned platforms, assess risk levels, and trigger appropriate security review processes. Security Baseline Enforcement Ensure all SaaS platforms meet Clients minimum security requirements (e.g., SSO, MFA, RBAC, logging, IP restrictions, encryption). Support teams in implementing and validating controls and identify drift over time. Access, Integration, and Data Governance Oversee proper identity and access controls, secure API integrations, and enforcement of data classification, retention, and encryption policies. Coordinate with IAM, Privacy, and business teams to maintain compliance. Monitoring, Alerting, and Incident Readiness Ensure SaaS platforms generate appropriate logs, integrate with enterprise SIEM (e.g., Splunk), and support real-time alerting. Confirm runbooks and escalation paths are in place for incident response and vendor coordination. Governance, Oversight, and Lifecycle Management Maintain visibility into SaaS configurations, ensure changes follow Client change control standards, and verify that lower environments are also governed appropriately. Technical Skills and Experience: Bachelors degree in computer science, information technology or a related field. 7+ years of experience in Information Security, with at least 3 years focused on SaaS security or cloud platforms. Strong understanding of SaaS-specific risks, architecture, and controls. Experience working with CASB, SSPM, and SIEM tools (e.g., Microsoft Defender, Splunk). Understanding of identity and access management in the context of SaaS platforms and integrations with other systems. Strong knowledge of data protection, encryption, secure integration practices, and incident response procedures. Understanding of industry frameworks (e.g., NIST SP 800-53, CSA, CIS). Technical knowledge of cloud-native platforms and integrations. Experience conducting or supporting technical risk assessments for SaaS vendors. Soft Skills: Excellent written and verbal communication skills; ability to articulate technical topics clearly. Strong analytical skills and attention to detail. Ability to work independently in a global, matrixed organization. Comfortable working in rotational shifts and managing competing priorities. Preferred Certifications (Good to Have): CCSK, CRISC, CISA, ISO 27001, or similar cloud/security-related certifications. Experience working in financial services or other highly regulated environments.
