Communications, Leadership, and Teaming (20%)
- Understand and promote common security principles, practices, and frameworks.
- Draft cybersecurity strategies that align with business objectives and meet compliance and regulations and champion them throughout the organization
- Stay up to date with cybersecurity threats, risks, and vulnerabilities with potential impact to services and utilize that knowledge to actively secure the organization
- Communicate the state of cloud and network security posture to cybersecurity leaders, stakeholders, IT and developers
- Participate in professional security groups and consortiums for knowledge and building relationships
- Provide guidance to colleagues in realizing their educational and professional objectives and offer mentorship to more junior staff members.
Architecture Subject Matter Expertise (80%)
- Advise on the development of standards, frameworks, and solutions for Cloud Compute & Network security, driving standards, security best practices, and adoption
- Track and automate metrics for usage, costs, risks, and overall compliance.
- Participate in architecture process, reviews, and standards.
- Collaborate with our Platform Infrastructure, Enterprise Architecture, and other teams to support secure design, testing, implementation, and operationalization of
scalable, resilient solutions across on-prem, hybrid, SaaS, PaaS, and IaaS environments and across geographies
- Recommend and implement cloud security tools and controls
- Use cloud security tools for asset discovery, cloud workload protection platform (CWPP), control plane configuration and cloud security posture management (CSPM)
Skills & Experience
- Exhibits deep analytical, conceptual, and problem-solving skills
- Has the ability to effectively communicate at all levels of the entire organization and with internal and external customers
- Displays strong attention to detail and excels in priority/time management.
- Demonstrates the ability to balance customer needs with seamless security delivery
- Possesses a strong understanding of network design principles and implements zero trust/least privilege architecture.
- Proficient in one or more: Terraform, Kafka, Kubernetes, scripting (Python, JavaScript, Bash)
- Ability to influence and collaborate with technical teams and business units and collaborate to reduce attack surface
- Preferably one or more certifications such as GCSA, CCSP, CCSK or CISSP, or one offered by AWS, Google or Microsoft