This role is part of a larger team dedicated to cloud-based management and security. The role is also responsible for the development and execution of large-scale cyber security initiatives and requires a professional with problem-solving abilities who can work in a fast-paced environment and has a clear passion for cloud security and cloud technologies.
- Academic qualifications in computer science, cybersecurity, or any related field.
- Recognized industry certifications in cloud security- CSA CBK, CCSP, CISSP.
- At least 5 years of experience in cyber security.
- At least 3 years of experience and hands-on expertise in cloud security.
- Practical knowledge of public cloud offerings such as AWS, Azure and GCP.
- Practical knowledge of services related to cloud computing, network, storage, content delivery, administration and security, deployment and management, automation technologies.
- Robust microservices programming (AWS Lambda, Docker, etc.)
- Good understanding and exposure to cloud standards, architecture, and models.
- Experience with PKI, SSL, SSH etc. Hands on knowledge of automation and DevSecOps skills.
- Good understanding of software development principles, including design patterns, code structure, programming languages, continuous integration, continuous deployment, and deployment orchestration.
- Experience with open-source software security.
- Experience with network protocols and deep packet inspection.
- Knowledge of microservices, Kubernetes, docker etc.
Knowledge & Skills:
- Required Skills: strong technical skills, including experience with Linux and Windows operating systems, scripting languages, and cloud provider ecosystems like Amazon AWS, GCP and Azure.
- Excellent attention to detail, as they must constantly monitor systems to ensure there are no external threats.
- Excellent oral and written communication skills will be essential when interacting with team members.
- Strong problem-solving skills to swiftly and deal with threats or flaws in cloud environments.
- Skilled in discussing complex security issues in understandable business terms.
- Detailed knowledge of system security vulnerabilities and remediation techniques.
- Ability to recommend solutions based on use cases and business requirements.
- Stay- Abreast with emerging technologies and threats and ability to proactively assess and evaluate the adoption thereof in the organization.
- Provide assurance through collaboration with other stakeholders that all cloud and digital platforms meet the organisations security requirements.
- Provide security recommendations on cloud-based data security, platforms, and application development.
- Recommend innovative technologies or other methods that will enhance the security of cloud-based environments.
- Serve as the subject matter expert (SME) on cloud security.
- Develop standards, policies, and procedures as well as best practices documentation.
- Translate security and technical requirements into business requirements and communicate security risks to different audiences ranging from business leaders to engineers.
- Influence multi-disciplinary teams in implementing and operating cyber security controls.
- Work closely with application developers to deliver creative solutions to complex technology challenges and business requirements.
- Automate security controls, data, and processes to provide better metrics and operational support.
- Utilize cloud-based APIs when appropriate to write network/system level tools for securing cloud environments.
- Stay current on emerging security threats, vulnerabilities, and controls.
- Identify and implement new security technologies and best practices.
- Create technical and managerial level reports and conduct risk assessments for Cloud-based applications and infrastructure.
- Identify processes/procedures for how to handle cloud security events, including forensic isolation and mitigation with Digital Forensics and Incident Response teams.
- Identify new security threats by conducting continual monitoring, penetration testing, vulnerability assessments and log analysis.