Key Responsibilities:
• Cloud Security Architecture: Design, develop, and implement robust security architecture for cloud-based systems, ensuring compliance with industry standards and regulations. Had working for SIME deployments i.e. WAZUH or any similar tool.
• Security Implementation: Deploy and configure security tools, controls, and technologies in cloud environments, such as firewalls, intrusion detection/prevention systems, encryption mechanisms, and access controls.
• Risk Assessment and Management: Conduct regular risk assessments and vulnerability scans to identify and mitigate security risks and threats in cloud infrastructure and applications.
• Incident Response: Develop and maintain incident response plans and procedures to effectively respond to security incidents, including investigation, containment, and remediation.
• Security Monitoring and Logging: Implement monitoring and logging solutions to continuously track and analyze security events and activities within cloud environments and respond promptly to any suspicious behavior or anomalies.
• Identity and Access Management (IAM): Manage user access and permissions in cloud platforms, ensuring least privilege principles are enforced and access controls are properly configured.
• Security Compliance: Ensure compliance with relevant security standards, regulations, and frameworks (e.g., GDPR, HIPAA, ISO 27001) in cloud environments, and assist with audits and assessments as needed.
• Security Awareness and Training: Develop and deliver security awareness programs and training sessions to educate employees and stakeholders on cloud security best practices and policies.
• Collaboration and Communication: Collaborate with cross-functional teams, including IT operations, development, and business units, to integrate security into all aspects of the cloud lifecycle and communicate security requirements effectively.
• Continuous Improvement: Stay abreast of emerging threats, vulnerabilities, and security technologies in the cloud space, and recommend and implement improvements to enhance the overall security posture.
Qualifications:
• Bachelor’s degree in computer science, Information Security, or a related field; master’s degree preferred.
• Proven experience (2-3 years) working as a security engineer or architect, with a focus on cloud security.
• Strong understanding of cloud computing platforms (e.g., AWS, Azure, Google Cloud) and their security features and services.
• Hands-on experience with cloud security tools and technologies, such as cloud access security brokers (CASBs), cloud workload protection platforms (CWPPs), and cloud security posture management (CSPM) tools.
• Certifications such as Certified Cloud Security Professional (CCSP), or AWS Certified Security Specialty are highly desirable.
• Excellent analytical, problem-solving, and communication skills.
• Ability to work independently and collaboratively in a fast-paced environment.
• Strong commitment to maintaining the highest standards of security and compliance.
• Experience with scripting and automation (e.g., Python, PowerShell) for security tasks is a plus