CLOUD INFORMATION SECURITY ADVISOR - PS19285
2 days Telecommuting
Support Cloud Controls to holistically enable the current Cloud Security program strategy and share considerations into improving security methodology, program capabilities and focus areas for maturity for the following areas:
- Visibility Cloud services are provisioned within enterprises with proper management and oversight.
- Security is integrated into business awareness.
- Compliance models for cloud;
- Data properly protected at rest and in transit.;
- Consistent Cloud IAM strategy and implementation ;
- Incident Response Rapid identification of incidents and recovering from Cloud breaches;
- May act a key contact for setting vendor strategy including Cloud security vendors and Vendor Management Cloud requires a shared responsibility model
Accountable for effectual partnerships with peer teams to drive secure design, implementation and orchestration of complex, multi-product solutions for cloud systems.
Participate in architecture reviews and cloud committees as part of the project lifecycle to document and communicate where automatic provisioning of compute, network and storage resources are and are not governed and controlled by security automation, standards, roles and policies.
Primary duties may include, but are not limited to:
- Provide architecture support and planning for information and network security technologies;
- Provides technical support to business and technology associates in risk assessments and implementation of appropriate information security procedures, standards and technologies;
- Maintains security incident response plans; represents major upgrades and business system replacements in change control;
- Oversees Enterprise mix of vendor services;
- Recommends changes and updates to strategy;
- Designs & engineers repetitive technical solutions based on business requirements and defined technology standards; develops support procedures and performance metrics reports;
- Creates presentations and seeks IT and business management approval and acceptance of significant replacements or reconfigurations of major security technologies serving the Enterprise.
- Provides technical guidance and leadership to the technical engineers within the organization.
- Proposes opportunities to improve results based on targeted or continuous assessment.
- Routinely acts as a subject matter expert among peers, with manager and senior management.
- Must be capable of providing top-tier support for 4 or more of the information security technology common body of knowledge skill sets: 1) Access Control, 2) Application Security, 3) Business Continuity and Disaster Recovery Planning, 4) Cryptography, 5) Information Security and Risk Management 6) Legal, Regulations, 7) Compliance and Investigations, 8) Operations Security, 9) Physical (Environmental) Security, 10) Security Architecture and Design, 11) Telecommunications and Network Security.
- Develops reports supporting strategy and direction for management.
Preferred experience, knowledge or certifications:
- Requires BS/BA in related field; or any combination of education and experience, which would provide an equivalent background
- 5-8 years’ experience (8+ yrs exp. for Sr Advisor level) in systems administration and security aspects of information systems, computer networking, telecommunications, systems development and management; significant experience with multiple technical and business disciplines required; requires broad-based experience to plan and design highly complex systems; or any combination of education and experience, which would provide an equivalent background.
- Demonstrated experience or substantial knowledge in supporting competencies in cloud security standards is required.
- Requires either: Strong Experience with cloud background OR Diverse experience within Platform security and applications experience to provide cloud systems solutions.
- Strong knowledge and understanding of industry-accepted data processing controls and concepts as applied to access management and network security technologies, hardware, software, data, network communications, and people.
- Experience supporting any Cloud environment with multifactor authentication, CASB, Container Security.
- AWS experience.
- Security Certifications: CISSP preferred and other advanced technical security certifications (e.g. Information Systems Security Architecture Professional, Information Systems Security Engineering Professional, Certification and Accreditation or equivalent certifications) Any Amazon Web Services (AWS) – any level, Cloud Security Alliance (CSA) and CIS benchmarks.
- Understand security best practices, policies and standards to design highly secure cloud architectures for internal and external cloud solutions as required by HIPPA and other regulations and requirements
- Presenting and engaging information with internal IT teams.
- NetSkope experience
- Project team experience
Security Clearance Required: No
Visa Candidate Considered: No