Cloud Infrastructure Security Team Lead

We seek a dynamic and highly motivated individual to lead our cloud infrastructure security team, within the Security Group.

This pivotal role focuses on leading and driving the successful implementation of our proactive and reactive cloud security initiatives - fortification, defense, offensive testing, denial of service, resilience, observability, and incident response. 

This team collaborates closely, with the AppSec, DevSecops, ITSEC, and various business units to ensure a strong posture and continuous testing and improvement. 

The primary objective is to ensure the highest level of security for our cloud infrastructure, including protection, detection, and response to potential vulnerabilities and incidents, such as anomaly detection and system hardening for our production environment and other critical business units. 

This position is a senior technical management role within the Security leadership.

About The Role:

• Own and shape the future of our cloud security infrastructure posture by helping to define and be responsible for achieving multi-year & yearly objectives and key results for the team and achievement
• Work diligently to reduce any potential attack surface by establishing daily ceremonies and robust technical frameworks for continuous security monitoring, hardening, detection, and response.
• Work closely with R&D and strategic business units to enhance cloud infrastructure security security on all layers
• Responsible for multilayered security technologies, ensuring systems are hardened, and defined according to best practices, ensuring best practice monitoring and response processes and playbooks. 
• Run continuous testing on relevant aspects of the system, ensuring continuous improvement. ( DDOS, WAF configuration, Blue and Red Team, Incident response) 
• Secure infrastructure reviews and integration guidelines. 
• Continuous definition of KPIs, Adhering to defined KPIs and SLAs.

Requirements

• Previous 4+ years of senior management position ( team lead/ manager )
• 5+ years in the following: Devops, DevSecOps, Production Engineering
• Focus on Attack Surface Reduction, Hunting, and Threat Detection, preferably in SaaS organizations
• A wide spectrum of technical know-how with deep expertise in areas such as MITRE, Redteaming, Pentesting, and Eradication. 
• Experience in Secure Development Lifecycle and underlying infrastructure
• Drive for excellence and a positive “can do” approach.
• Strong technical skills, deep system and infrastructure understanding.
• Experienced with building the full application release cycle (CI/CD).
• Familiar with how modern web applications work and scale.
• Networking, firewall rules management, and application security knowledge.
• Familiar with Linux environment, scripting, and programming.
• Ability to see the bigger picture and carry out system architecture security reviews and secure design.
• Working in a large engineering organization (>250 developers)
• Experience with multi-cloud security, familiarity with OWASP frameworks, solutions, and initiatives
• Exceptional leadership skills, both in the line and matrix
• Hands-on - able to resolve issues/architecture & data challenges
• Product experience and engineering mindset