Information Security Senior Advisor
As a Cloud Security Specialist you will combine your broad security background with applications expertise to provide cloud systems solutions. Opportunity for self-starter experienced in Cloud security standards with ability to communicate with internal business partners!
New technology - NetSkope platform being added!
Atlanta, GA on-site Also will consider the following sites: Indianapolis, IN; Richmond or Norfolk, VA and Mason, OH.
Internal Job Title:
Info Security Sr. Advisor
Support Cloud Controls to holistically enable the current Cloud Security program strategy and share considerations into improving security methodology, program capabilities and focus areas for maturity for the following areas:
- Visibility Cloud services are provisioned within enterprises with proper management and oversight.
- Security is integrated into business awareness.
- Compliance models for cloud;
- Data properly protected at rest and in transit.;
- Consistent Cloud IAM strategy and implementation ;
- Incident Response Rapid identification of incidents and recovering from Cloud breaches;
- Vendor Landscape Every Cloud security vendor has a different solution to the same problem. Cloud DevOps DevOps are agile in the Cloud;
- Vendor Management Cloud requires a shared responsibility model
Accountable for effectual partnerships with peer teams to drive secure design, implementation and orchestration of complex, multi-product solutions for cloud systems.
Participate in architecture reviews and cloud committees as part of the project lifecycle to document and communicate where automatic provisioning of compute, network and storage resources are and are not governed and controlled by security automation, standards, roles and policies.
Primary duties may include, but are not limited to:
- Establishes architecture oversight and planning for information and network security technologies; leads development of an information security risk management program that includes business, regulatory, industry practices and technical environment considerations; establishes strategic vendor relationships for security products and services; develops enterprise-wide security incident response plans and strategies that includes integration with business, compliance, privacy, and legal constituents and requirements; provides advanced level engineering design functions; provides trouble resolution and serves as point of technical escalation on complex problems.
- Creates presentations and seeks IT and business management approval and acceptance of significant replacements or reconfigurations of major security technologies serving the Enterprise.
- Provides technical guidance and leadership to the technical engineers within the organization.
- Proposes opportunities to improve results based on targeted or continuous assessment.
- Routinely acts as a subject matter expert among peers, with manager and senior management.
- Must be capable of providing top-tier support for 5 or more of the information security technology common body of knowledge skill sets: 1) Access Control, 2) Application Security, 3) Business Continuity and Disaster Recovery Planning, 4) Cryptography, 5) Information Security and Risk Management 6) Legal, Regulations, 7) Compliance and Investigations, 8) Operations Security, 9) Physical (Environmental) Security, 10) Security Architecture and Design, 11) Telecommunications and Network Security.
- Develops reports supporting strategy and direction for management.
- Requires BS/BA in related field; or any combination of education and experience, which would provide an equivalent background
- 8+ years’ experience in systems administration and security aspects of information systems, computer networking, telecommunications, systems development and management; significant experience with multiple technical and business disciplines required; requires broad-based experience to plan and design highly complex systems; or any combination of education and experience, which would provide an equivalent background.
- Demonstrated experience supporting competencies in cloud security standards is required.
- Experience supporting any Cloud environment with multifactor authentication, CASB, Container Security is preferred.
- AWS experience is strongly preferred.
- Advanced knowledge and understanding of industry-accepted data processing controls and concepts as applied to access management and network security technologies, hardware, software, data, network communications, and people.
- Security Certifications: CISSP preferred and other advanced technical security certifications (e.g. Information Systems Security Architecture Professional, Information Systems Security Engineering Professional, Certification and Accreditation or equivalent certifications) Any Amazon Web Services (AWS) – any level, Cloud Security Alliance (CSA) and CIS benchmarks.
- Understand security best practices, policies and standards to design highly secure cloud architectures for internal and external cloud solutions as required by HIPPA and other regulations and requirements.
- Communication skills with experience presenting and engaging with various business units external to IT.
- NetSkope experience is strongly preferred.
Security Clearance Required: No
Visa Candidate Considered: No