Cloud Security Manager Full Time

Provide guidance on security controls and best Practices for on-premise and cloud-based solutions to IT teams
Ensures our security controls are inline with best practices and standards such as NIST, CSA, CIS, and ITIL
Conduct internal assessments, identify risks, define improvements and drive action plans to address key issues
Represents Cloud Security in pre-sales activities and customer-facing engagements as needed
Support third-party audits for SSAE16, SOC 2, ISO 27001, HIPAA, FedRAMP, and other customer-led assessments.
Work with stakeholders to define and drive continuous improvements in Security Policies, Procedures, and Technical Controls
Conduct security risk assessment and vulnerability assessments for identified areas and applications and guide stakeholders for remediation of identified risks and vulnerabilities
Configure, implement, document and manage security tools including Network Security, End-Point Security, SIEM, DLP, IRM, Vulnerability assessment, Email, security awareness and training, patch management and IAM solutions
Provide system hardening guidelines for hardware, network and systems software and conduct assessments for gaps
Research new tools and technologies as requested, evaluate options and provide recommendations
Provide recommendations to the Security Steering Committee team for resolution of alerts and incidents
Perform security investigations and document the findings and recommendations for complex incidents, determining the cause of the security incident, resolution and preserving forensic evidence as needed
Develop the knowledge of other security team members by conducting knowledge-sharing sessions
Contribute in driving the creation and modification of Work Practices and SOPs
Identify areas for continuous improvement of security related processes
Your Expertise:

Bachelor or Masters Degree in Computer Science or equivalent
9 years of deep experience with Cybersecurity architecture and engineering
Knowledge of Google Cloud, AWS, Azure and SaaS environments
Knowledge of networking protocols and technologies and network security architecture and engineering
In-depth knowledge and experience with End-Point Security, SIEM, DLP, IRM, vulnerability assessment and patch management solutions
In-depth understanding of risk and vulnerability mitigation
Versed in common / emerging attack vectors (such as malware, ransomware, cryptojacking, DOS, etc) and how to protect systems from these attacks.
Knowledge of security standards and guidelines from NIST, CSA and ISO
Hands-on administrative experience with Windows Server, Linux, Oracle DB and SQL/Server technologies
Basic Knowledge of ITIL Methodologies
Basic Knowledge and understanding of programming languages (i.e. Java, .Net)
Analytical and problem-solving skills
Ability to prioritize and multi-task to achieve competing goals and target dates
Excellent communication skills
Willingness to learn and improve
Nice to have skills:
Certifications in IT Security e.g., CISSP, CISM, CCSP

Tagged as: active directory, cctv, cloud security, computer science, data privacy, environmental impact assessment, group policy, iso 27001, it security, it services, microsoft azure, problem solving, risk, risk assessment, safety, security operations, security risk, security tools, SOP, windows server