Category: Software Engineering
Company Description: Global Leader in Integration and Analytics Software
Salary: Highly Competitive, Depending on Experience
Position Type: Client Services
Job Number: 10619
A Cloud Security Architect needs to be comfortable:
Working with all stakeholders to implement cloud security architectures and best practices by determining security requirements and proposing solutions that balance business requirements with information and cyber security requirements.
Assisting in guiding, prioritizing, and measuring our efforts in achieving and maintaining cloud security.
Performing internal cloud services security reviews and recommending changes or enhancements for identified security design gaps in existing and proposed architectures.
Aligning security standards, frameworks and policies with overall business and technology strategy.
Designing and building prototype security solutions, including security specific test cases.
Performing and facilitating security reviews and threat modeling exercises, identifying attack vectors that may be used to exploit cloud services and working collaboratively to remediate.
Drive on-going security testing for vulnerabilities utilizing both automated and manual testing tools.
Identifying and communicating current and emerging cloud security threats, including specifying requirements and controls to mitigate threats as they emerge.
Assisting with security reviews of third party vendors and services providers when needed.
Assisting with Incident Response as required and contributing to GDPR breach notification efforts.
Assisting with customers’ specialized security questionnaires related to cloud security.
Working cross company to identify and implement GDPR requirements, related to cloud services offerings.
Influencing culture by helping drive Secure Cloud Adoption.
Staying current by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.
We also have a Detection and Response role to provide technical direction and oversight of the cybersecurity incident detection and response function including:
Implementing the necessary controls, infrastructure and procedural playbooks to monitor, identify and provide proactive detection and response.
Performing incident triage and handling by determining scope, urgency and potential impact in order to identify the incident cause and recommending actions for expeditious remediation.
Coordinating with appropriate stakeholders and acting as subject matter expert to resolve incidents, including facilitating root cause analysis.
Developing and ensuring incident document is properly generated from initial detection through final resolution.
Reviewing detailed incident reports and provides technical briefs as required.
Working across all of our client's divisions to identify, evaluate and report cybersecurity risks.
Analyzing data, such as logs or packets captures, from various sources and drawing conclusions regarding past and future security incidents.
Maintaining and expanding appropriate information security metrics for detection and response.
Andiamo provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Andiamo complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Please Note: All inquiries will be treated with the utmost confidentiality. Your resume will not be submitted to any client company without your prior knowledge and consent.