Summary:
CFGI is seeking a Manager-level candidate for Cloud Security to lead security assessments and remediation efforts within our clients' cloud environments. The ideal candidate will have extensive experience securing Microsoft Azure and AWS cloud platforms, with a strong understanding of GRC principles. This role requires a proactive and collaborative approach to identify and mitigate risks, ensure compliance, and implement robust security controls in the cloud.
Responsibilities:
·Cloud Security Assessments: Conduct comprehensive security assessments of clients' Microsoft Azure and AWS environments to identify vulnerabilities, misconfigurations, and compliance gaps.
·Remediation and Implementation: Develop and implement remediation plans to address identified security issues, including configuration changes, policy updates, and security tool deployments.
·Security Tool Management: Manage and configure cloud security tools within Microsoft Azure and AWS, including vulnerability scanners, SIEMs, and cloud-native security services.
·GRC Integration: Collaborate with GRC teams to ensure that cloud security practices align with industry standards, regulatory requirements, and organizational policies.
·Incident Response: Assist in incident response investigations related to cloud security incidents, providing technical analysis and recommendations for containment and recovery.
·Stakeholder Communication: Communicate effectively with technical and non-technical stakeholders, translating complex cloud security concepts into actionable insights.
Qualifications:
·Cloud Security Experience: At least five years of experience in cloud security, with a focus on Microsoft Azure and AWS platforms. Google Cloud experience is preferred but not required.
·Security Assessment Skills: Proven ability to conduct thorough security assessments and develop effective remediation plans.
·Cloud Security Tools: Experience with cloud security tools, including vulnerability scanners, SIEMs, and cloud-native security services.
·GRC Knowledge: Understanding of GRC principles and their application to cloud security.
·Communication Skills: Excellent written and verbal communication skills, with the ability to present technical information clearly and concisely.
·Certifications: Industry certifications such as CISSP, CISM, or cloud-specific certifications.
·Consulting Experience: Prior experience in a consulting environment is preferred.
Benefits:
·Challenging Work: Work on a variety of cloud security projects, gaining exposure to diverse technologies and industries.
·Professional Growth: Opportunities for continuous learning and development, including training on new cloud security tools and technologies.
·Collaborative Environment: Work with a talented team of security professionals in a supportive and collaborative environment.
·Location: Remote or Hybrid (based on candidate preference).