Principal Specialist - Information Security

Company Overview

(Company overview not specified.)

Job Summary

The Public Cloud Security Specialist is responsible for ensuring the security of cloud implementations across the organization. This role focuses on identifying and mitigating security risks, conducting comprehensive risk assessments, and advising on security architectures to meet compliance requirements. The specialist plays a crucial role in safeguarding the organization's cloud infrastructure and aligning it with industry standards and internal policies.

Responsibilities

• Perform security reviews for all cloud implementations to ensure adherence to best security practices.
• Design and review network security architecture.
• Engage in ideation, analysis, planning, implementations, and remediation for any reported non-compliance in cloud environments.
• Identify security gaps in cloud infrastructure and platforms.
• Translate cloud-related risks and issues, determining appropriate action plans for mitigation.
• Assess potential security risks in operations, test, development, and production environments.
• Define and maintain enterprise-wide security architecture principles, patterns, and standards across infrastructure and application domains.
• Conduct comprehensive risk assessments and threat modeling for new and existing systems, ensuring alignment with PCI-DSS, ISO 27001, and internal security policies.
• Exhibit a thorough understanding of various security areas such as Identity and Access Management (IAM), cryptography, vulnerability management, and risk management.
• Support and track items relevant to risk mitigation.
• Act as a security advisor in architecture review boards, ensuring security is a foundational consideration in all technical decisions.
• Demonstrate strong experience with at least two of the following cloud technologies: Azure, AWS, or GCP.
• Any additional cloud technology platform experience is considered a significant plus.

Qualifications

• 13+ years of IT Security experience.
• A minimum of 6 years experience in Cloud Services / Cloud Security.
• Expertise in cloud security controls.
• Hands-on experience with Cloud Security Architecture review and controls.
• Good understanding of cloud networking, systems architecture, virtualization, and Docker containers.
• Core technical IT background.
• Familiarity with security and auditing standards (e.g., ISO 27000, PCI/DSS, SSAE18).
• Ability to conduct independent assessments of cloud supplier services and evaluations.
• Certifications required: At least 2-3 from the following list:
  • Azure Admin (AZ-104)
  • Azure Security Engineer (AZ-500)
  • AWS Solution Architect Associate
  • AWS Security Specialty
  • GCP Cloud Engineer
  • GCP Cloud Security Engineer
• Industry certification in security (e.g., CISSP, CCSP, CCSK, CISM) is a must.

Preferred Skills

• Additional cloud technology certifications or experience beyond the mandatory ones listed above will be advantageous.

Experience

• 13+ years of total IT Security experience required.
• 6+ years in Cloud Services / Cloud Security is mandatory.

Environment

(Work setting, location, and environmental conditions not specified.)

Salary

(Salary information not specified.)

Growth Opportunities

(Career advancement opportunities not specified.)

Benefits

(Benefits information not specified.)