Position: Cloud Security Architect
Experience: 6-12 Years
1 Lead and manage Hybrid Cloud security operations, providing guidance and direction to ensure operational excellence.
2 Oversee security incident response and mitigation efforts, ensuring quick and efficient handling of security breaches or threats.
3 Develop and implement comprehensive security strategies to safeguard all hybrid Cloud systems.
4 Facilitate incident management processes for security-related issues, ensuring timely resolution and minimization of impact.
5 Conduct regular security assessments and audits to identify vulnerabilities and implement corrective measures.
6 Collaborate with stakeholders to develop security roadmaps and participate in daily standups to align security initiatives with organizational goals.
7 Lead change management processes and ITSM, ensuring security protocols are integrated and adhered to.
8 Foster a culture of continuous improvement in network security operations, including process creation and implementation.
9 Demonstrate a deep understanding of security principles, particularly in isolating issues with machine/user validation.
10 Experience in managing Business Continuity and Crisis Management.
11 Ensuring the security of cloud-based data and applications against unauthorized access, theft, and other threats.
12 Staying up-to-date on the latest cloud security technologies, trends, and best practices.
- Strong understanding of cloud computing technologies, including:
- Infrastructure as a Service (IaaS)
- Platform as a Service (PaaS)
- Software as a Service (SaaS)
- Knowledge of security frameworks such as:
- ISO 27001
- NIST Cybersecurity Framework
- CIS Controls
- Familiarity with cloud platforms:
- Microsoft Azure
- Amazon Web Services (AWS)
- Google Cloud Platform (GCP)
- Preferred certifications:
- Certified Cloud Security Professional (CCSP)
- Certified Information Systems Security Professional (CISSP)
- Certified Cloud Architect (CCA)
- Experience in developing Cloud Security Frameworks using industry best practices such as:
- Cloud Security Alliance (CSA)
- NIST CSF
- Regulatory requirements like HIPAA, HITRUST, PCI
- Understanding of industry regulatory and compliance requirements:
- FedRAMP
- PCI-DSS
- NIST
- HIPAA
- Skilled at interpreting compliance and security requirements into implementable and repeatable controls.