Cloud Security Services

Cloud Infrastructure Security and Controls Manager

Reposted 3 Days Ago

Be an Early Applicant

Princeton, NJ

In-Office

Senior level

Cybersecurity • Data Privacy

The Role

The Infrastructure Security and Controls Manager will oversee security and internal controls for Technology Services, provide expertise in risk management, and ensure compliance with regulations within cloud environments.

Summary Generated by Built In

Cloud Security Services is looking for an Infrastructure Security and Controls Manager within the Information Security & Risk Management (ISRM) organization for our client. The Manager will have responsibilities for security and internal controls in support of Technology Services (TS). This is a 6-month project with the possibility of going full-time for the right candidate.
Responsibilities:

The Manager, Infrastructure Security & Controls will serve as the Information and Security Risk Management (ISRM) expert in supporting internal TS teams, projects and internal control audits focusing on client’s hybrid cloud and end user infrastructure. Serves as the ISRM technical subject matter expert and have direct interaction with TS employees, contractors and vendors. Provides expertise in security and internal controls to ensure that technology solutions meet requirements and standards. Serves as a technical mentor to TS peers as well as junior members of internal staff.

• Provides subject matter expertise to TS infrastructure project teams where IT risk management issues are involved, have potential implications for the business, and/or impact regions or functions, regulatory areas or technology platforms. Assists in the creation of the strategy and leads the implementation of the risk management approach for projects and develops processes for effective risk management.
• Ensures proper security and controls are built into TS tools, vendors, applications and services by providing technical expertise, evaluation, assessment and consultation.
• Proactively assesses the impact of regulatory and other security and internal control changes on TS and IT processes and advises management on the implications of costs, performance issues, risks and business needs
• Leads audit preparation activities, ensures audit readiness, hosts and supports audits (depending on function), and explains risk management tools and methodologies. Facilitates in the delivery of information and response and remediation to audit observations for internal and external audits.
• Analyses technical business and competitive issues and discerns their implications for risk management.
• Supervises contracting resources in the completion of work related to areas project and audit responsibilities previously listed.

Additional duties, including but not limited to:
• Consult on security decisions for the multi (AWS, Azure, GCP) cloud environment as well as end user product and services, ensuring business continuity and protection of data
• Analyzing architectures developed by client TS cloud platform teams
• Input to the security strategy and leading the implementation of the risk management approach for services provided by these platforms.
• Ensuring proper security and controls are built into the tools, vendors, platforms, applications, and services by providing technical expertise, evaluation, assessment, and consultation
• Anticipating risks and issues of technical complexity based on understanding of business trends and the goals and objectives of the TS Infrastructure community
• Define assurance to policies by use of Cloud security posture tools and processes
• Participates in enterprise and industry workgroups to craft the strategy for securing cloud environments
• Provides technical expertise to risk management activities for meeting regulatory, security and business requirements
• Measure assurance to policies by use of Cloud security posture tools and processes
• Evaluates and ensures the resolution of technical security issues, internal control issues, critical incidents and/or crisis resolution management, escalating as necessary
• Proactively assesses the impact of regulatory and other security and internal control changes on IT processes and advises management on the implications of costs, performance issues, risks and business needs
• Shares knowledge of future trends, tools, procedures and systems in security, internal controls and risk management
• Reviews or prepares reports or documents on risk management to be communicated to TS, IT and management in complex situations
• Proactively manages partner expectations at the manager level and above, advising on optimal approaches and resolving conflicts between internal controls, information security requirements, compliance and project/business constraints
• Assists in creation of forums, benchmarking analyses, and processes that result in improvement, information sharing and innovation across enterprise
• Develops networks of internal and external business partners, suppliers, the technical/legal community and consultants
• Develops and maintains business partner relationships with TS IT and Business stakeholders. Accountability for Security and Internal Controls and highly technical TS Infrastructure projects.
• Establishes partnerships with Cloud vendor engineers, technical staff and/or security professionals
• Makes hiring recommendations
• Trains employees
• Recommends budget amounts

Required Skills:
• 6+ years of Information Security/ IT Risk Management/IT experience with growing technical responsibilities
• Demonstrated proficiency in info security, and cloud computing domains as evidenced by industry certifications, including understanding of traditional and emerging threats with particular emphasis in Information Security controls and technologies to reduce operational and security risk covering AWS, Azure, GCP and/or M365
• Knowledge, understanding, and technical proficiency in cloud technologies/services (Virtual Private/Hybrid Cloud, SaaS, IaaS, PaaS, DBaaS) and the appropriate controls and processes to secure them or reduce risk
• Effectively works with virtual, global teams – including diverse groups of people with multifaceted backgrounds and cultural experiences
Preferred Skills:
• MS and/or advanced degree preferred
• Information Security & Risk Management certifications preferred
• Working knowledge of COBIT and / or ITIL is preferred
• Knowledge of key business processes preferred

Required Education:
• BA/BS in Information Technology/Information Security or minimum university degree equivalent
Preferred Education:
• MS and/or advanced degree
• Information Security & Risk Management Certifications; Microsoft Certifications

Top Skills

AWS

Azure

Dbaas

GCP

Hybrid Cloud

Iaas

M365

Paas

SaaS

Virtual Private Cloud

View all jobs at Cloud Security Services

View Cloud Security Services Profile

Report Job

Am I A Good Fit?

beta

Get Personalized Job Insights.

Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company

Princeton, NJ

4 Employees

Year Founded: 2018

What We Do

We are a team of experts in cybersecurity, who specialize in protecting information assets against threats, both from inside the organization and outside.

We partner with your organization to understand your specific concerns and craft a cybersecurity strategy designed specifically for your business and your specific needs.

All of our experts come with 15+ years of information risk management experience in the Fortune 500 space. You can count on us to guide you throughout the process, and help you with your cybersecurity concerns.

Our specialty includes
- Cybersecurity
- Zero Trust
- Perimeter-less Security
- Workforce Identity and Access Management
- Consumer/Customer Identity and Access Management.