Job Description

•    Implement the required elements for a secured environment on the Cloud
•    Define baseline security architecture and configuration standards for Public Cloud environment and other services running on it (for example: network, firewall, OS, middleware, etc.)
•    Reviews security technologies, tools and services, follow trends on the market and makes recommendations to the CCoE and other development teams
•    Document Security Risks in the Cloud and their associated mitigation plan
•    Develops standards and practices for security matters, in collaboration with security team
•    Monitor and follow all changes on Public Cloud environment to ensure that they follow the security strategy and standards
•    Follow implementations to ensure that they follow the security strategy and standards, defined by EA, Security and CCoE team
•    Ensure that all implementations on Public Cloud are correctly integrated with and monitored by security and monitoring tools (SIEM, NOC, SOC, etc.)
•    Coordinates with DevOps teams to advocate secure coding practices, and to escalate concerns related to poor coding practices to CCoE, EA and the CISO
•    Advice development teams about security practices
•    Reviews network segmentation to ensure least privilege for network access

Education

Giá trị cốt lõi

1. KHÁT VỌNG
2. CHÍNH TRỰC
3. HIỆU QUẢ
4. KỶ CƯƠNG
5. SÁNG TẠO

Job Requirements

Relevant Knowledge/ Expertise
•    3+ years relevant experience in Cloud Security or related domains
•    Hands-on experience on designing and deployment of security systems and tools on Public Cloud: landing zone, IAM, vulnerability assessment, network security, data protection, log analyzing, compliance.
•    Hands-on experience on designing and deployment of applications and infrastructure into public cloud services.
•    Direct, hands-on experience or strong working knowledge of security concept and solution like firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology.
•    Full-stack knowledge of IT infrastructure: Applications, Databases, Operating systems, Network, Containers/Kubernetes
•    Direct experience designing IAM technologies and services like Azure AD,     Lightweight Directory Access Protocol (LDAP), Amazon Web Service (AWS) IAM
•    Working experience with Infrastructure as Code and associated language/frameworks 
•    Working experience plus relevant professional certifications (Azure, AWS, etc.) are advantages
•    Experience in working with cloud-native projects and technologies: container, Kubernetes, Terraform, Ansible, or similar technologies
•    Experience with at least one programming or scripting language
•    Experience within regulated industry and regional or multinational scope organization
•    Sound understanding of IT operating model design and best practices

Skills
•    Ability to demonstrate independent leadership, judgment, and decision making
•    Ability to adjust to multiple and changing priorities, remaining flexible and open
•    Ability to create and maintain cooperative working relationships with internal and external stakeholders of peer levels
•    Analytical and communication skills to understand business context; and
•    Enquire, counsel, and present solutions in an understandable and simple manner
•    Be a self–starter and possess the confidence and skills to operate well within a team of highly skilled peers
•    Excellent analytical and technical skills
•    Excellent written and verbal communication skills
•    Excellent planning and organizational skills

Relevant Experience
•    Security engineering
•    Software engineering
•    Cloud operation

Other skills

•    Organizationally savvy, with the ability to navigate organizational politics. 
•    Skilled at influencing, guiding and facilitating stakeholders and peers with decision making. 
•    Ability to quickly comprehend the functions and capabilities of new technologies
Characteristics/Behavior
•    Trusted and respected, who can influence and persuade IT development teams. 
•    Motivated and driven by achieving long-term business outcomes
•    Ability to work effectively in a team environment and lead cross-functional teams