Cloud Security Specialist
The role will provide information security direction, management, and maintenance of enterprise-wide cloud solutions and services. The Cloud Security Specialist advocates for security requirements and objectives while ensuring that security architectures and practices do not impede the needs of the business. The Cloud Security Specialist will be expected to evaluate new services, vendors, applications, and security tools from a technical perspective, and to determine the risk characteristics of these activities and functions.
- Delivering in collaboration with technology and security teams the adoption of Microsoft Cloud based security services and capabilities.
- Identify and communicate current and emerging security threats.
- Develop and maintain security architecture artifacts (e.g., models, templates, standards, and procedures) that can be used to leverage security capabilities in projects and operations.
- Provide technical expertise and support to customers, IT management and staff in cloud security threat risk assessments, development, testing and the implementation and operation of appropriate information security plans, procedures, and control techniques designed to prevent, minimize, or quickly recover from cyber-attacks or other serious cloud events.
- Review complex architecture design diagrams and documents for new technologies and changes to existing technologies to determine risks and provide recommendations and mitigations.
- Design process flows to be implemented in security automation tools to automatically respond to threats quickly and effectively.
- Validate IT cloud infrastructure for security best practices and recommend changes to enhance security and reduce risks, where applicable.
Position Qualifications Required:
- Experience with cyber investigations and/or threat hunting.
- Experience with cloud computing.
- Ability to work independently with little or no supervision.
- Excellent oral and written communication skills.
- Ability to explain technical concepts to the business users in the context of business requirements.
- Broad knowledge of information systems such as Windows security, network security, systems development, communication networks, security software/hardware and operating systems.
- Experience with key information security technologies such as SIEM, firewalls, intrusion detection/prevention systems, vulnerability assessment, encryption, identity and access control systems, anti-malware, and security event analysis.
- Preferred bachelor’s degree in Computer Science or Information Systems or Cyber Security or Engineering or related field and a minimum 5 years of experience in information security or related IT experience.
- Preferred security certifications in incident response, cyber investigation, forensics, or threat hunting.
- Preferred programming experience in Python
- Certifications Considered a Plus
- CISSP certification or other industry accepted security certifications not limited to those listed below.
- Certified Cloud Security Professional (CCSP)
- Certified Ethical Hacker (CEH)
- Global Industrial Cyber Security Professional (GICSP)