Tasks and Responsibilities

• Serves as the lead for the deployment and implementation of public, private, and hybrid cloud security controls within on premise and remote virtualization environments. (Azure, VMWare, Nutanix, AWS, GCP, etc.)
• Act as a subject matter expert in knowledge of Microsoft Azure cloud services security features such as Azure Security Center, Windows Defender, Compliance Center, Sentinel, and Microsoft 365 workloads. 
• Work as a member of the Security Engineering team to ensure sensors and systems are best utilized for accomplishing security program objectives in the cloud.
• Demonstrate effective risk management skills to include appropriately identifying and mitigating weaknesses in cloud resources as needed.
• Enhance procedures and processes for designing, testing, and maintaining security controls across cloud networks, systems, and applications shared by various teams.
• Provide leadership and guidance on cloud solutions to personnel across both operational and strategic levels, as well as third party contractors and vendors supporting the IT department and other business units.
• Collaborate with the IT department and other teams to improve asset management and accountability for cloud hosted infrastructure, controls, and integrations.
• Operate as a member of the enterprise Information Security Organization and also Enterprise Risk Management teams in support of overall protection and assurance of data and technology.
• Communicate cloud concepts to both technical and non-technical audiences across different units within the organization for improving cloud governance.
• Adequately produce security controls in line with industry standards and security frameworks to meet regulatory compliance needs (e.g. PCI-DSS, SWIFT, NIST, and ISO).
• Participate in Application Development (AppDev) and DevOps projects and initiatives to implement security controls and procedures into the development lifecycle (DevSecOps, SSDLC, CI/CD, etc.).
• Support other cloud security activities across various cloud service provider technologies in the environment, to include security assessments, testing, and evaluations (e.g. Amazon AWS, Google Cloud Platform, IBM, and Oracle). 

Required

• Bachelors or master's degree in computer science, information security, information technology, or a related field.
• Min. 3-5 years’ experience working as a cloud security engineer or similar role leading the development and implementation of cloud security controls.
• Hands-on experience with documenting and reporting on public, private, and hybrid cloud networks, systems, applications, and resource security.
• Experience with popular information security frameworks, such as International Organization for Standardization (ISO) 27001, National Institute of Standards and Technology (NIST), CSI CSC 20, etc.
• In-depth knowledge and understanding of information security risk management concepts and principles.
• Ability to translate Information Security policies and procedures into language that a business and/or technical person can understand and ability to effectively communicate with both non-technical and technical people
• Strong problem solving with the ability to methodically and objectively analyze and resolve Information Security challenges across multiple business teams.

Preferred

• Experience working in Information Security practices within the Financial Services industries and sectors to include banking, insurance, asset management, lending, and other sectors.
• Working knowledge and comprehension of common Financial Services regulatory bodies and frameworks (FFIEC, SOX, GLBA, PCI-DSS, NYDFS, etc.)
• Recognized industry security certifications and credentials specific to cloud security and risk management (CISSP, CCSP, CISM, CRISC, CISA, GIAC/SANS, Cloud Security Alliance, AWS/Azure, etc.)
• Advanced demonstrated proficiency in deploying Infrastructure-as-a-Service, Platform-as-a-Service, Software-as-a-Service, and other on-demand cloud computing solutions. (Azure Blueprints, Azure Resource Management, PowerShell/Bash, and other DevOps/Infrastructure-as-Code tools.)
• Strong communication skills across business units while working in remote operations.

Documentation and diagram experience using common SDLC or security tools (Visio, VisualParadigm, Microsoft Project, etc.)