Job Description

Being a member of the Cybersecurity Services (CS) tribe within Information Technology, the Lead Cloud Security Governance Analyst is passionate about protecting us from cybersecurity risks through world class security architecture, engineering and governance practices. Cloud Security refers to a broad set of policies, technologies, applications, and controls applied to protect virtualized IP, data, applications, services and associated infrastructure of cloud computing.

This position reports into the Associate Director, Cybersecurity Governance and is responsible for evaluating, implementing, and measuring security controls in our multi-cloud environments. This position is part of the Cloud Security Agile squad and focused on building a strong security governance framework aligned to industry best practices and standards; driving security-first attitude across the enterprise, improve accountability, security, scalability, and increase business agility.

Responsibilities:

• Will be an active member of an Agile squad focused on building a mature public and private cloud security capability within IT
• Implement governance objectives in a consistent, repeatable, and automated manner across multiple cloud environments
• Facilitate and respond to audit and assessment engagements to represent the organization’s operation of security controls
• Drives maturity of cloud security services by identifying important outcome-based metrics to highlight cloud related risks; influencing behavior change within the organization towards security-first mindset
• Work cross-functionally with other departments to elevate our posture to cloud services thru improved security and standard methodologies

Leadership Competencies for this level include:

• Accountability
• Global Collaboration
• Communication
• Influencing
• Innovation and Creativity

Qualifications:

• Minimum 6 years of related experience
• Bachelor’s degree preferred or equivalent experience
• Strong experience in Information Security GRC (governance, risk and compliance) and understanding of Cloud Security capabilities, specifically in Network Security, Identity & Access Management, Certificate Management, Application Security Management, Security Information & Event Management (SIEM)
• Strong working knowledge in implementing security controls and best practices in public cloud platforms (AWS, Azure)
• Deep understanding of risk management principles and standards (ISO 27001/ISMS, PCI, COBIT, NIST) to recommend methods to mitigate risks with standard control mechanism
• Expertise on performing periodic control gap assessment or internal/vendor security assessment on systems and technologies
• Experience with cloud security monitoring tools such as Dome9 and ability to define and present security risk metrics/data, desired

Job Categories: Cloud Computing Engineer. Job Types: Full-Time. Job Tags: Cloud Software Engineer.

Apply for this Job