Senior Specialist - Cloud Security & Defense

About the role:

• Roles in this job family build, develop, implement and coordinates Diageos information security and cyber resilience strategy by evaluating, testing and monitoring security policies, procedures and systems.
• They typically have specific skills in IT and cyber security and risk assessment, and well as specialist skills in mitigation and fixes to potential vulnerabilities as detected. These roles will also be involved in continuity planning, containment and restoration of service planning.

Role Responsibilities:

• Lead the implementation, configuration, and optimization of Wiz(CSPM) across cloud environments
• Analyze cloud infrastructure risks and provide actionable recommendations using Wiz
• Review and suggest Cloud Configuration Rules (CCRs) to enhance security posture, ensuring adherence to standard methodologies and compliance requirements
• Regularly assess and fine-tune Wiz Features to ensure maximum effectiveness in detecting and mitigating security vulnerabilities
• Leverage proven knowledge of AWS and Azure to assess, implement, and enforce security standard methodologies across multi-cloud environments
• Develop and maintain security policies, standards, and procedures for cloud environments in alignment with organizational objectives
• Collaborate with multi-functional teams, including DevOps, IT, Security, and the SOC team, to ensure security is embedded into CI/CD pipelines, cloud infrastructure, and to promptly close cloud alerts
• Actively communicate and collaborate with the SOC team to investigate and resolve cloud security alerts and incidents, ensuring timely remediation and closure.
• Work closely with business and technical collaborators to understand security requirements and translate them into actionable security measures.
• Engage with leadership and other groups to define cloud security objectives, report on posture, and provide guidance on security risk management.
• Monitor and respond to security incidents and alerts generated through Wiz and other cloud security tools, ensuring timely resolution and reporting to relevant team members.
• Perform regular security assessments, audits, and vulnerability management, ensuring continuous compliance with regulatory standards (e.g., ISO 27001, SOC 2, NIST, CIS).
• Design and implement automation workflows to remediate security issues, reducing manual intervention and ensuring continuous compliance.
• Provide training and guidance to team members and collaborators on cloud security standard practices, tool usage Wiz, and how to assess and mitigate risks.

Experience / skills required:

• Should have atleast 5-7 years of experience in the CSPM platform and Cloud Experience.Cloud Computing Expertise: Good understanding of cloud platforms like AWS, Azure, or Google Cloud.
• Cybersecurity Knowledge: Solid understanding of cybersecurity principles, threat landscape, and security standard methodologies.Security Tools Proficiency: Experience with security tools like firewalls, intrusion detection systems, and security information and event management (SIEM) systems.Networking Knowledge: Understanding of network security concepts and protocols.