First Priority (20%)
Oversees the development and deployment of cloud business solutions that safeguard private company information in cloud environments (such as AWS, Azure, etc.).
Second Priority (20%)
Identifies security flaws and offers solutions by conducting routine security audits and assessments on cloud infrastructures.
Third Priority (20%)
Ensures that cloud security controls and compliance procedures are implemented in accordance with industry best practices, local and international guidelines, and legal requirements (such as CPRA, HIPAA, ISO 27001:2022, etc.).
Fourth Priority (20%)
Investigates security threats and incidents related to the cloud environment and produces detailed reports. Leads relevant team members and partners to a resolution and, when necessary, makes recommendations for solutions to senior leadership.
Fifth Priority (10%)
Keeps up to date on industry best practices, laws, and the latest developments in cloud security technologies. Regularly updates cloud security plans, architecture, threats, vulnerabilities, and mitigation strategies to ensure technology and policies remain current.
Sixth Priority (10%)
Communicates information security issues with partners and key stakeholders across business divisions.
A bachelor's degree in information technology, computer science, or a related field is required.
Preferred certifications include AWS Certified Security Specialty and Certified Cloud Security Professional (CCSP).
7+ years of IT security expertise, with at least 3 years dedicated to cloud security.
Strong expertise in Microsoft security tools, including MS Defender, Azure Security Center, and Azure Sentinel, as well as O365 and Azure cloud services.
Expert-level knowledge of cloud security frameworks such as AWS, Azure, and Google Cloud.
Experience implementing security standards such as NIST, ISO 27001, and CIS Top 18 is highly desirable.
Hands-on expertise with cloud security tools and technologies, including identity management, network security, and encryption.
Prior experience working in large, ideally multinational organizations is a plus.
Proactive, self-driven, and capable of leading multiple initiatives simultaneously.
Occasional domestic or international travel may be required.
Ability to perform additional duties as assigned.
Strong ability to analyze technical structures, identify security vulnerabilities, and implement corrective measures.
Expertise in log data analytics, incident classification, intrusion detection, network protocol analysis, evidence recovery, and incident response.
Ability to manage external vendors in delivering security products, services, and initiatives.
Proven leadership capabilities for both technical and non-technical teams.
Excellent problem-solving skills and ability to work under pressure.
Strong written and verbal communication skills, with the ability to engage with stakeholders at all levels.
Deep understanding of attack chains, adversary tactics, emerging threats, and vulnerabilities.
Strong knowledge of network security, authentication and access control, and secure application development.
Strong technical, analytical, planning, and organizational skills.
Lead and Support Others
Strive for Excellence
Challenge Boundaries with Confidence
Empower Action and Foster Growth