We are seeking a highly technical and experienced Cloud Security Specialist to develop comprehensive cloud security strategies that align with the firm’s goals, including security policies, procedures, and controls.
WHAT YOU’LL DO
- Design and implement a comprehensive security infrastructure across multiple public cloud environments, including AWS, Azure, and GCP
- Develop and enforce Key Risk Indicators (KRIs) to ensure compliance with industry-leading frameworks such as NIST CSF and Cloud Security Alliance CCM
- Manage and enforce security controls across a complex, multi-cloud environment, including IAM, encryption, networking, and logging
- Implement and enforce security standards for cloud services, including ComputeEngine, BigQuery, EC2, Lambda, ScaleSets, Object storage, and various GenAI services
- Develop and implement an encryption strategy, including key management and rotation
- Conduct regular security assessments and audits to ensure the security of our cloud infrastructure and identify areas for improvement
- Utilize Terraform for provisioning, compliance, and management of cloud infrastructure, and implement policy-as-code using Open Policy Agent (OPA) to enforce security and compliance policies
- Secure Kubernetes deployments and apply best practices, and collaborate with Cloud Engineering and development teams to ensure secure architecture practices are followed
- Manage cloud risk through Cloud Security Posture Management (CSPM) and Cloud Detection and Response (CDR) tools, and work with Security Operations to design incident response and disaster recovery plans
- Stay current with security trends, advisories, incidents, and vulnerability bulletins to ensure the organization's cloud infrastructure remains secure and up-to-date
WHAT’S REQUIRED
- 5-7 years of hands-on experience in cloud security, with a focus on AWS and GCP environments
- Deep understanding of cloud architecture, frameworks and cloud security best practices, and a proven track record of successfully implementing secure highly available cloud applications
- Strong understanding of cloud network protocols and IP networking, including Interconnect and Private Service Connect, Direct Connect, ExpressRoute etc
- Experience with Terraform, Kubernetes and policy-as-code, preferably using OPA or Sentinel
- In-depth experience with Cloud Security Posture Management (CSPM) platforms such as Wiz, Prisma Cloud and Cloud Detection and Risk (CDR) tools
- Exceptional problem-solving skills and adaptability to work under pressure, collaboratively and in a fast-paced environment
- Bachelor’s degree in computer science, information security, or a related field
- Certifications such as CISSP, CCSP, CSSK, AWS, GCP and Azure security are required
