Cloud Security Manager
Cloud Security Manager
- Provide guidance on security controls and best Practices for on-premise and cloud-based solutions to IT teams
- Ensures our security controls are inline with best practices and standards such as NIST, CSA, CIS, and ITIL
- Conduct internal assessments, identify risks, define improvements and drive action plans to address key issues
- Represents Cloud Security in pre-sales activities and customer-facing engagements as needed
- Support third-party audits for SSAE16, SOC 2, ISO 27001, HIPAA, FedRAMP, and other customer-led assessments.
- Work with stakeholders to define and drive continuous improvements in Security Policies, Procedures, and Technical Controls
- Conduct security risk assessment and vulnerability assessments for identified areas and applications and guide stakeholders for remediation of identified risks and vulnerabilities
- Configure, implement, document and manage security tools including Network Security, End-Point Security, SIEM, DLP, IRM, Vulnerability assessment, Email, security awareness and training, patch management and IAM solutions
- Provide system hardening guidelines for hardware, network and systems software and conduct assessments for gaps
- Research new tools and technologies as requested, evaluate options and provide recommendations
- Provide recommendations to the Security Steering Committee team for resolution of alerts and incidents
- Perform security investigations and document the findings and recommendations for complex incidents, determining the cause of the security incident, resolution and preserving forensic evidence as needed
- Develop the knowledge of other security team members by conducting knowledge-sharing sessions
- Contribute in driving the creation and modification of Work Practices and SOPs
- Identify areas for continuous improvement of security related processes
- Bachelor or Masters Degree in Computer Science or equivalent
- 9 years of deep experience with Cybersecurity architecture and engineering
- Knowledge of Google Cloud, AWS, Azure and SaaS environments
- Knowledge of networking protocols and technologies and network security architecture and engineering
- In-depth knowledge and experience with End-Point Security, SIEM, DLP, IRM, vulnerability assessment and patch management solutions
- In-depth understanding of risk and vulnerability mitigation
- Versed in common / emerging attack vectors (such as malware, ransomware, cryptojacking, DOS, etc) and how to protect systems from these attacks.
- Knowledge of security standards and guidelines from NIST, CSA and ISO
- Hands-on administrative experience with Windows Server, Linux, Oracle DB and SQL/Server technologies
- Basic Knowledge of ITIL Methodologies
- Basic Knowledge and understanding of programming languages (i.e. Java, .Net)
- Analytical and problem-solving skills
- Ability to prioritize and multi-task to achieve competing goals and target dates
- Excellent communication skills
- Willingness to learn and improve
- Nice to have skills:
- Certifications in IT Security e.g., CISSP, CISM, CCSP
- Good understanding of Data Privacy and GDPR regulations
- Experience with Identity and Access Management and Privileged access management
- Experience with Active Directory and Group Policy Management
- Experience with Microsoft Azure, Amazon AWS and Google Cloud technologies
- Aptitude - You have an innate capacity to transition from project to project without skipping a beat.
- Communication - You have excellent written and verbal communication skills for coordination across projects and teams.
- Impact - You are a critical thinker with an emphasis on creativity and innovation.
- Passion - You have the drive to succeed paired with a continuous hunger to learn.
- Leadership - You are trusted, empathetic, accountable, and empower others around you.
- Department:General / Other Software
- Industry:IT - Software
- Skills:security operations, safety, cctv, sop, risk, environmental impact assessment, iso 27001, it security, it services, data privacy, group policy, security risk, windows server, cloud security, security tools, microsoft azure, problem solving, risk assessment, active directory, computer science
- Company Name: MAVEN WAVE PARTNERS (INDIA)PVT. LTD.
- Company Description:
MAVEN WAVE PARTNERS (INDIA)PVT. LTD.