Cloud Specialist

Cloud Security Lead

10-18 years

KEY SKILLS AND EXPERIENCE

1. Cloud computing experience (AWS, AliCloud, Azure), and in particular, CloudFormation, EC2, EMR, S3, Redshift, RDS, SQS and AutoScaling Groups
2. Experience in patch management and vulnerability scanning
3. Familiarity with industry standards, guidelines, and regulatory compliance requirements related to information security and cloud computing such as ISO 27001, Cloud Security Alliance, NIST 800-53, PCI DSS, SOC2 and FedRamp
4. Strong analytical & problem-solving skills with ability to translate ideas into practical implementation
5. Ability to manage stakeholder relationships including team members, vendors and partners
6. Excellent leadership and communication skills with ability to present and communicate effectively with both technical and non-technical audience
7. Ability to provide technical and professional leadership, guidance, and training to others.

KEY RESPONSIBILITIES

1. Possess strong understanding of the concepts, approaches, methods, and techniques used for the implementation and effective management of a cloud security program
2. Support in design, implementation and configuration of the Cloud security systems
3. Lead cloud security assessments and provide recommendations on required configurations for client cloud platforms (such as AWS, Azure, GCP, Alibaba Cloud, Oracle Cloud) and environments based on Cloud Cyber Risk Framework and industry standard frameworks such as PDP, GDPR, ISO, CSA-CSM and NIST.
4. Interface with Engineering and assist with testing or troubleshooting
5. Identify security gaps or concerns pertaining to new infrastructure or application build out.
6. Troubleshoot problems with cloud infrastructure (e.g., domain name service, virtual network peering, dedicated cloud connectivity services) and resources (e.g., virtual machines, virtual networks, cloud databases) in a multi-cloud vendor environment and lead analysis of technical platform issues, and resolution as part of cyber risk mitigation steps.
7. Create and maintain documentation of departmental security procedures pertaining to cloud security
8. Serve as an expert on cloud cyber risk for other business and technology stakeholders.
9. Maintain and build effective, professional relationships with third party vendors and service providers that result in timely delivery of requirements and the highest standards of quality and cost effectiveness
10. Work with internal stakeholders to gather requirements and develop the most effective solutions