Cloud Security Management Specialist

Job description

At First Digital Group we are looking for a Cloud Security Management Specialist who is experienced in cloud (AWS/Azure/Google Cloud/etc.) and security areas to coordinate related activities.

Your responsibilities

• Active support security strategies implementation for Could transformation programs (GS business unit wide)
• Coordinate MN DU S Cloud Vulnerability Management and Security Testing Programs
• Validate and create Vulnerabilities reports for cloud accounts
• Provide technical guideline for cloud account owners cover implementation mitigation actions against found vulnerabilities
• Create tactical plans for security controls implementation in cloud computing and virtualization
• E2E control findings remediation of security vulnerabilities to ensure timely (according agreed SLAs) resolution
• Translate application security requirements for Infra and Cloud solutions
• Assessing maturity level of security controls implementation in the hybrid cloud environment
• Drive security program based on various security standards (mostly ISO27001, CSA Cloud Controls Matrix (CCM), SOC)
• Drive internal security audits and support customer security validation programs
• Conduct technical and process-based security assessments for applications and services and recommend remediation actions
• Develop and iterate security baseline, best practices, processes, and security documentation
• Support creation of application and infrastructure roadmap creation for cloud processing environment
• Identify cloud security requirements in the customer’s contracts and translate it to specification of controls which need to be implemented
• Validate security posture of data processing solutions provided by external vendors (e.g. 3rd part software, SaaS, IaaS)
• Cooperate with internal security organizations Cyber Security team, HSSE
• Monitor market security solutions trends and analyses their applicability in MN DU S data processing solutions
• Contribute in creation of cloud security awareness programs dedicated for application and infra owners
• Coordinating Vulnerability Scanning address towards Cloud infra components

Our requirements

• Good understanding on security architecture principles, application security standards, application security, testing
• Very good understanding communication protocols and concepts: HTTP, REST API,
• Understanding of network technologies related with implementation of virtual routers, firewalls, web application firewalls, reverse proxies
• Very good understanding databased environment relational, non-relational: MS SQL, My SQL, Postgres, Mongo DB…
• Very good understanding virtual, cloud structure (Azure, AWS, Google Cloud), microservices, docker platform use to hosting applications
• Good understanding genesis of most common security variabilities in applications (preferable knowledge about Top Ten Risk by OWASP), infra, cloud solution
• Practical experience in making can coordination of security programs for cloud and virtualization solutions
• Analytical and project management skills need to correlate multifactor security assessments for applicants and cloud solutions
• Knowledge about security architecture models for modern web, mobile application
• Basic knowledge about programming languages use for web-oriented applications: .NET C#, Java, JS, HTML

Benefits

Opportunity to work in various projects
Flexible working hours  
Attractive salary referring to your skills and experience
Possibility to choose the type of contract (B2B or Work Agreement) 
Private medical healthcare
Friendly atmosphere and helpful team
Company social events

Apply by sending your CV and a covering letter at careers@thefirstdigitalgroup.com quoting CS2021