****Must be able to work onsite****
- Assist with the development of security strategy plans and roadmaps based on enterprise architecture practices.
- Assist with providing expert guidance to business units and functions for projects and complex business challenges.
- Assist with validating IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable.
- Assist with validating security configurations and access to cybersecurity tools.
- Assist with reviewing security technologies, tools and services, and make recommendations to the broader security team for their use, based on security, financial and operational metrics
- Assist with the maintenance and implementation of enterprise-wide information security policies, standards, processes and technical procedures to ensure sound security practices and regulatory compliance.
- AWS IAM/Azure RBAC (Role-based access control) Expert – help formalize and further mature policies, and drive adoption through the rest of the enterprise
- Experience with cloud vulnerability identification and remediation
- We’re in the process of implementing Splunk as a new SIEM, but would like expertise on the proper events to send to the SIEM, and which to process locally to AWS CloudWatch, etc.
- We are wanting to grow in maturity for threat detection and response
- Experience with AWS anti-attack protections – WAF, CloudFront. We utilize this but would like to mature our process for managing globally
- Experience with implementing security controls with Terraform Enterprise/infrastructure as code, specifically around securing privileges at the workspace level
- Experience with Hashicorp suite of solutions – Consul/Vault, and Terraform Enterprise
- AWS Control Tower/Azure Security Center
- SAST and DAST toolsets – Checkmarx, Rapid7
- AWS/Azure Forensics – working knowledge in comparison to third party offerings.
- After setup of tagging policies in multiple cloud providers, oversee implementation of automated remediation of resources out of compliance.
- Experience with helping Cloud Engineering formulate a security assessment for cloud native applications going-live – similar to AWS Well Architected Review but automated checks to ensure security standards are compliant