Job Description
Job Description:
- Understand and engineer cloud network architecture
- Assess, design, implement, automate, and document security solutions and processes for Public and Private Cloud environments, SaaS applications and other cloud platforms
- Collaborate with other Security and Infrastructure teams to develop consistent technical solutions, implementation activities and support processes in Cloud and SaaS environment
- You will drive decisions regarding security tools, cloud services, processes, application architecture and service delivery in the cloud.
- Ensure strategic alignment with existing standards and direction for the architecture, installation, and maintenance of all security components as they relate to the establishment and maintenance of compliance programs
- Write and manage technical documentation
- Understand security controls in used cloud provider (including subscribed SaaS) and review the possibility of applying those features or common security standards
- Perform patch management processes toward covered domains
- Investigate and resolve security violations by providing postmortem analysis to illuminate the issue, and identify causes, possible solutions, and preventative measures
- Communicate with relevant team members to execute and monitor the security controls in the Cloud and SaaS
Requirements:
- 1+ years of experience with Architecture, Install and/or administration of security solutions and control in Cloud and SaaS environments
- Fresh graduates with hands on experience with Public Cloud Infrastructure is welcome to apply
- Has good knowledge of networking and Security Engineering, as well as technical approaches in design, build, testing, debugging problems as required
- Stays current with new and evolving technologies via formal training and self-directed education
- Experience with cloud computing and security in the cloud required.
- Experience with multiple information technology and security technologies: IIS, SQL, firewall, IPS/IDS, Windows, Linux, Anti-Virus, mail filtering, WAF, encryption, CA authority, IDM/IAM, multi factor authentication, SSO, VPN, Vulnerability Management, DDoS, SIEM, FIM, WIPS, MDM, Pen Testing, Virtualization technology.
- Knowledge in security and compliance frameworks and regulations, is an advantage, such as NIST, ISO, PCI DSS, GDPR
- Familiar with MITRE ATT&CK and CIS Framework
- Ability to learn and adapt to new frameworks/technologies and quickly integrate with them for automation of service delivery
- Have at least one Cloud certification is a plus