Job
Description
We are seeking a highly skilled Cloud Security Manager with extensive experience in securing cloud environments across AWS, Azure, and GCP . The ideal candidate will have a strong background in cloud security architecture, governance, risk management, and compliance (GRC), ensuring the security of cloud-based applications, data, and infrastructure. The Cloud Security Manager will work closely with security, IT, and engineering teams to define and implement security best practices, policies, and frameworks, aligning with industry standards and regulatory compliance requirements. Key Cloud Security Strategy And Architecture Design, implement, and manage security controls across AWS, Azure, and GCP environments. Define cloud security strategies, security reference architectures, and best practices. Conduct risk assessments and threat modelling for cloud-based applications and services. Implement Identity and Access Management (IAM) , Zero Trust Architecture (good to have) , and least privilege access controls. Oversee cloud network security, encryption, key management , and data protection mechanisms . Compliance & Governance Ensure compliance with industry standards and regulations such as ISO 27001, NIST, CIS, PCI DSS, HIPAA, GDPR, and SOC 2 . Develop, implement, and monitor cloud security policies, procedures, and controls. Collaborate with legal, audit, and compliance teams to ensure regulatory adherence. Conduct cloud security assessments and audits to identify gaps and drive remediation. Cybersecurity & Risk Management Identify, assess, and mitigate cloud security risks and vulnerabilities. Implement cloud-native security tools such as AWS Security Hub, Azure Defender, Google Security Command Center, etc. Develop and enforce incident response and security monitoring processes for cloud environments. Work with SOC teams to integrate SIEM, threat intelligence, and security automation (SOAR) solutions. Manage cloud security posture management (CSPM) and cloud workload protection platform (CWPP) solutions. DevSecOps & Security Automation Integrate security into CI/CD pipelines to ensure secure application development. Automate security testing using SAST, DAST, and IaC security scanning tools . Work with DevOps teams to enforce secure coding practices and cloud security configurations. Team Leadership & Collaboration Lead and mentor security engineers, analysts, and cloud teams in security best practices. Collaborate with cross-functional teams to embed security into cloud development and operations. Conduct security awareness training for development, operations, and business teams. Required Qualifications & Skills Technical Skills Strong expertise in AWS, Azure, and GCP security services (IAM, KMS, Security Groups, VPC, Azure Defender, Google SCC, etc.). In-depth knowledge of cloud security architecture, network security, and workload protection . Experience with security frameworks (NIST, CIS, ISO 27001) and regulatory compliance. Hands-on experience with SIEM, SOAR, CSPM, CWPP, and Endpoint Security solutions . Expertise in Identity & Access Management (IAM), Privileged Access Management (PAM), and Multi-Factor Authentication (MFA) . Knowledge of DevSecOps, Infrastructure as Code (IaC) security, and security automation . Handon experience in developing project related technical documents, reports, artefacts , policy/procedure documents etc. Certifications (Preferred but not mandatory) CISSP (Certified Information Systems Security Professional) CCSP (Certified Cloud Security Professional) AWS Certified Security - Specialty Microsoft Certified Cybersecurity Architect Expert Google Professional Cloud Security Engineer CISA, CISM, or CRISC (for compliance and risk management expertise) Soft Skills Strong leadership and stakeholder management abilities. Excellent problem-solving, analytical, and decision-making skills. Ability to work in a fast-paced and evolving cloud security landscape. Consulting experience in a client facing environment is a must Travel to MENA region for project delivery
