Cloud Security Architect
· Analyze and design security solutions for applications and infrastructure, and provide expertise and consulting to clients.
· Identify and document information security risks and propose mitigating controls.
· Will be responsible for understanding complex business IT needs, requirements and projects scopes, with a focus on information security requirements.
· Research, design, and develop new information security controls for clients.
· Assess current IT environments and make recommendations to increase security.
· Assist clients in troubleshooting and resolving information security issues.
· Author project and support documentation and diagrams.
· Implement security solutions.
· Assessed, developed and implemented, operationalized and documented comprehensive security technologies and processes.
· Secure software development, data protection, cryptography, key management, identity and access management (IAM), network security (VPNs) within SaaS, IaaS PaaS, and other cloud environments.
· Architected solutions within Amazon Web Services (AWS) and other cloud providers and SOA for cloud-based services.
· Worked with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies.
· Performed security design/ architecture reviews, code reviews, and penetration tests of large applications, systems and / or networks.
· Worked on large scale cloud based services ( including SaaS, PaaS, IaaS) and understand security challenges involve in deploying Cloud Applications.
· Created and maintained security policies and procedures, managing the protection of information systems and assets.
· Performed threat modeling and design reviews assessing security implications and requirements introducing new technologies.
· Hand-on experience with multiple security technologies such as Firewalls, Intrusion detection/Prevention Systems, Vulnerability scanning, WAF, Wireless LAN, NAC, DLP, DDoS Mitigation, WAN security, SIEM, Content filtering, Cloud Security gateways, Secure Proxies, SSL crypto solutions.
· Solid understanding of a range of compliance, regulatory and legal requirements and relevant principles, best practices and standards across multiple industries. Preferred industries: financial services, telecommunications. Examples would include: PCI, SOX, GLBA, CSA, PCI, NIST, ISO, IEEE, FedRAMP, HIPPA and TCG.
· Have working knowledge of common and industry standard cloud –native/ cloud friendly authentication mechanisms (OAuth, OpenID, SAML, Ping, Okta, etc) and key management(Safenet, Vormetric, other)
· Cloud security and/ or architecture related certifications- AWS Certified Solutions Architect or Certified DevOps Engineer.