IT Cloud Security Lead

Position: Cloud Security Lead

Start Date: - Immediate

Minimum Term: - 6 months with opportunity for long-term engagement

Role Description:

Cloud Security Lead is a member of the IT Security Team who leverages extensive experience in Information

Systems and Cloud technologies to develop strategies and solutions that support the business and protect against

threats over the long term. The Cloud Security Lead proposes and promotes standards and works closely with

other IT practice leads to ensure adoption of secure designs and practices.

Candidate must have strong hands-on technical background, and should enjoy researching, designing and

implementing secure modern solutions with Azure paradigms and facilities. Candidate must be highly collaborative

and is expected to mentor and partner with other teams on a regular basis

Specific responsibilities:

 Strong conceptual thinking and communication skills - the ability to translate complex business and

technical requirements into effective and secure solutions

 Applies strong logic and principles-based reasoning to define solutions and justify proposals

 Contributes to the development and maintenance of the Cloud Security strategy

 Works closely with other IT Leads and staff to ensure that security is appropriately addressed in the

definition, design, and implementation of Cloud-based systems, applications, and services (IaaS, PaaS, and

SaaS)

 Researches, designs and advocates for appropriate Cloud technologies, solutions and configurations

 Maintains deep expertise in the growing body of Cloud technologies and related threats, exploits and

mitigations

 Plays lead role in design and implementation of Cloud Security initiatives

 Serves as lead engineer supporting Cloud Security

 Acts as a key member of the CSIRT

Experience/Skills Required(5-10 years):

 Extensive experience securing Azure and Microsoft 365 environments

 Expertise designing successful, secure Cloud-Native and hybrid (PaaS/IaaS) implementations

 Expertise securing Kubernetes environments (preferably Azure Kubernetes Services)

 Extensive hands-on experience with security infrastructures (e.g. Firewalls, IDS/IPS, VPN, Web Content

Filters, Proxies, DLP, SIEM, event-correlation technologies)

 Extensive hands-on experience operating one or more common IT infrastructures (Telecom, database,

Windows and *NIX systems, virtualization platforms)

 Proficiency with scripting / programming languages (e.g. Python, Powershell, C++)

 Proficiency in Threat Modeling

 Expertise with enterprise identity and namespace services (e.g. Active Directory, LDAP, DNS, OAuth2, SAML)

 Expertise with enterprise certificate management and PKI services

 Strong familiarity with NIST Cyber Security Framework and ISO 27001

 Strong familiarity with Zero Trust concepts and principles

 Demonstrable expertise with configuration automation practices and toolchains (e.g. Chef, Puppet, Ansible,

etc…)

 Familiarity with a relevant Enterprise Architecture methodology (e.g. Zachman Framework, TOGAF)

 Not essential, but highly valued; Professional experience in application or infrastructure penetration testing.

Education Required:

 Bachelor or master degree in computer science, information systems or other related field, or equivalent

work experience.

 Professional security management certification, such as a ISC(2) Certified Information Systems Security

Professional (CISSP), Certified Cloud Security Professional (CCSP), SANS GIAC Information Security

Professional (GISP), GIAC-Security Expert (GSE), or GIAC Certified Enterprise Defender (GCED)