Job
Description
We are looking for a highly skilled Cloud Security Manager with extensive experience in securing cloud environments across AWS, Azure, and GCP. The ideal candidate will have a strong background in cloud security architecture, governance, risk management, and compliance (GRC), ensuring the security of cloud-based applications, data, and infrastructure. ### Roles and Responsibility Design, implement, and manage security controls across cloud environments. Define cloud security strategies, reference architectures, and best practices. Conduct risk assessments and threat modeling for cloud-based applications and services. Implement Identity and Access Management (IAM) and Zero Trust Architecture. Oversee network security, encryption, key management, and data protection mechanisms. Ensure compliance with industry standards and regulatory requirements such as ISO 27001, NIST, CIS, PCI DSS, HIPAA, GDPR, and SOC2. Develop, implement, and monitor security policies, procedures, and controls. Collaborate with legal, audit, and compliance teams to ensure regulatory adherence. Conduct cloud security assessments and audits to identify gaps and drive remediation. Identify, assess, and mitigate cloud security risks and vulnerabilities. Implement cloud-native security tools such as AWS Security Hub, Azure Defender, Google Security Command Center, etc. Develop and enforce incident response and security monitoring processes for cloud environments. Work with SOC teams to integrate SIEM, threat intelligence, and security automation (SOAR) solutions. Manage cloud security posture management (CSPM) and cloud workload protection platform (CWPP) solutions. Integrate security into CI/CD pipelines to ensure secure application development. Automate security testing using SAST, DAST, and IaC security scanning tools. Work with DevOps teams to enforce secure coding practices and cloud security configurations. Lead and mentor security engineers, analysts, and cloud teams in security best practices. Collaborate with cross-functional teams to embed security into cloud development and operations. Conduct security awareness training for development, operations, and business teams. Travel to MENA region for project delivery is required.### Job Requirements Strong expertise in AWS, Azure, and GCP security services including IAM, KMS, Security Groups, VPC, Azure Defender, Google SCC, etc. In-depth knowledge of cloud security architecture, network security, and workload protection. Experience with security frameworks such as NIST, CIS, and ISO 27001. Hands-on experience with SIEM, SOAR, CSPM, CWPP, and Endpoint Security solutions. Expertise in Identity & Access Management (IAM), Privileged Access Management (PAM), and Multi-Factor Authentication (MFA). Knowledge of DevSecOps, Infrastructure as Code (IaC) security, and security automation. Consulting experience in a client-facing environment is a must.
