Job
Description
Here’s what you will do - Incident Response Leadership: Develop, manage, and coordinate cybersecurity incidents from detection through resolution, including maintaining and updating incident response playbooks. Ensure swift and effective action to minimize risks and mitigate damage. Risk Assessment & Management: Conduct regular risk assessments, develop risk management strategies, and implement controls to mitigate identified risks. Threat Intelligence and Analysis: Research and analyze emerging threats, utilizing threat intelligence platforms to enhance preparedness and proactively predict and prevent potential threats. Application Security: Develop and implement security measures to protect applications throughout their lifecycle. Collaborate with development teams to identify and address vulnerabilities in application code, ensuring secure coding practices are followed and applications are resilient against attacks. Security Solutions Development: Design and implement security solutions that align with business objectives and industry standards, ensuring compliance and robustness across all environments, including cloud platforms like AWS, GCP, and Azure. DevSecOps Advocacy: Champion secure development practices within DevOps processes, providing guidance on security best practices throughout the software development lifecycle (SDLC). Cloud Security Leadership: Lead a team of Cloud Security engineers, collaborating closely with cloud architects to embed security by design. Focus on developing and maintaining security protocols in cloud environments, and deliver strategic security solutions for cloud implementations. Operational Security Management: Oversee security monitoring of operational and production environments, ensuring threats are identified and addressed promptly while maintaining system integrity. Security Compliance Management: Ensure compliance with regulatory requirements, manage audits, and provide detailed reporting and analysis on security incidents to key stakeholders. Third-Party Risk Management: Oversee security assessments and management of third-party vendors to ensure they meet the organization's security standards. Security Training & Awareness: Develop and lead security awareness programs to educate employees on best practices and emerging threats. Stakeholder Collaboration & Reporting: Maintain strong relationships with key stakeholders, including incident response and disaster recovery teams, and communicate security concepts effectively to technical and non-technical audiences. Required Skills and Qualifications Extensive Security Experience: 5+ years in information security, with hands-on experience in forensic analysis, threat landscape understanding, and managing security in large-scale, public cloud environments (e.g., AWS, Azure, GCP). Technical Proficiency: Extensive experience with security tools across enterprise, application, CDN, and cloud security domains, coupled with proficiency in automation and scripting languages (e.g.,Python, PowerShell) to enhance security operations and streamline incident response. Security Standards Knowledge: Strong understanding of industry standards like NIST, ISO 27001,CIS, OWASP, and Zero Trust architecture, with the ability to apply them effectively. Leadership and Mentorship: Proven ability to lead and mentor security teams, fostering a collaborative and high-performance environment. Certifications: Relevant security certifications such as CISSP, SSCP, CCSP, GCIH, OSCP Show more Show less
