Sr. Cloud Security Engineer

Job Description

? Conduct security assessments, vulnerability assessments, and penetration tests on systems and applications to identify weaknesses and recommend remediation actions. ? Monitor and analyze security alerts, events, and incidents to promptly detect and respond to threats. ? Manage and maintain security tools and technologies, such as firewalls, intrusion detection/prevention systems, and security information and event management (SIEM) systems. ? Proactively monitoring Key Risk Indicators to identify non-compliance and assist in remediation with compensating controls to address security, risk and control gaps. ? Seen as the cloud-security and cloud-compliance SME by the teams you support. ? Participate in incident response activities, including containment, investigation, and recovery, in the event of a security incident. ? Stay updated with cybersecurity threats, vulnerabilities, and industry best practices to ensure the organization remains secure. ? Ability to provide security guidance for physical, virtual, and code infrastructure. ? Provide vendor due diligence reviews, including SOC2 and vendor risk assessments. ? Drive change to improve the overall security posture. ? Ensure the protection of Organization information assets through the technical enforcement of organizational security standards and policies. ? Ensure technology risk impacting the business is effectively identified, quantified, communicated and managed, including recommendations for resolution and identifying the root cause. ? Serve as a point of escalation and subject matter expert for IT Risk and Cyber domains, including vulnerability management, data protection, cloud and application security. ? Collaborate with team members and stakeholders on firm-mandated audits and take responsibility in performing the required reviews associated with the audit. ? Review IAM control standards, objectives in regular basis and perform access reviews associated with it ? Be the trusted advisor to ensure security of designs and blueprints for application architectures and cloud platforms. ? Design and maintain automated workflows to streamline security operations. ? Establish solid relationships with other teams and provide advisement as needed. ? Build and cultivate a security focused culture through partnership and collaboration with the business and technology teams. What is the expectation from the candidate's current role/profile ? Expert understanding of common information security standards and best practices. Experience in Security and regulatory compliance standards and frameworks ? Configure, deploy, and manage enterprise security tools including such as log management (SIEM), antivirus, intrusion prevention, data leak prevention, and application scanning and remediation. ? Researches, analyzes, and formulates recommendations regarding technologies, products, and solutions to fulfill requirements within CACU. ? Solid understanding of system development life cycle (SDLC) and provide security recommendations and oversight. ? Azure Cloud security experience (Preferred 2 years). ? Minimum 3 to 4 years of experience in cloud security ? Hands on experience securing public cloud workloads in a hybrid, corporate environment. ? Security, risk, and compliance experience with Cloud Platforms. ? Knowledge of security controls, configuration management, and vulnerability management in public cloud. ? Solid understanding of firewalls, WAFs, Web Gateways, and IPS ? Excellent problem-solving and analytical skills with the ability to quickly isolate problems, collect data, establish facts, and draw valid conclusions. ? Practical understanding with Agile, ITIL, monitoring, and metrics