Cloud Security Consultant

Job Overview

Client is growing rapidly and developing new products. With new business capabilities, they encountering new security challenges that require a thoughtful, adaptable approach to strengthen its cloud security strategy.

Key Responsibilities

• Working with the Enterprise Security, Architecture, Cloud Enablement & Engineering teams you will plan, implement and optimise security controls in the cloud (AWS) and consult in the implementation of CNAPP capability.
• Act as a technical security professional, providing advice and guidance to other team members and the wider business.
• Conduct comprehensive technical assessments of existing cloud security capabilities and solutions to identify vulnerabilities and risks.
• Review and development of actionable recommendations and strategies for securing cloud solutions.
• Implementing security measures for cloud-native applications, including container security and serverless architectures.
• Creating a sustainable framework and operational processes for continuous management of Cloud Security.
• Leveraging Infrastructure as Code (IaC) tools to automate the deployment of security controls, ensuring consistency and efficiency.
• Enhancing security configurations and policies to minimise risks and ensure compliance with industry standards and regulations and alignment with industry-leading security frameworks, including the Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM) and NIST guidelines, to strengthen cloud environments.
• Providing training and awareness programs for partners and internal teams on cloud security standard methodologies.
• Implementing standards and policies to safeguard workloads and the cloud infrastructure.

Experience Needed

• A deep technical security background.
• Several years of experience working with cloud technologies with a security focus.
• In-depth knowledge of cross cloud security principles and standard processes with solid experience of implementation and automation.
• Experience with security tools and technologies such as firewalls, CNAPP, intrusion detection/prevention systems, and SIEM.
• Solid understanding of IAM and RBAC, with emphasis on applying Least Privilege principle
• Clear communication and interpersonal skills to influence, partners, team members and vendors at a tactical level and drive the security agenda across key business units.
• Ability to deliver high quality analysis that minimises bias and error and produce presentations with written and numeric material to a high standard, with a high level of attention to detail and accuracy!
• An understanding of how to implement a strategic Cloud Security support model.

Nice to have:

• Bachelor’s degree or higher in relevant subject (e.g., Cyber Security, Information Security), or equivalent evidenced experience.
• Minimum of 5 years of experience in cloud security, with a solid understanding of cloud platforms such as AWS, Azure, and Google Cloud.

Relevant security certifications such as CISSP & CISM with additional certifications that underscore expertise in cloud security design and deployment: CCSP, AWS Certified Security, Google Professional Cloud Security Engineer & Azure Security Engineer Associate