Description:
We are looking for THREE Cloud Security Controls Specialists within the Cloud Security team within the Global Information Security organization. We need help building out the Cloud Security control objectives and control specifications for Azure, M365, AWS. They are currently being designed and documented by one individual based in EMEA. That person is leaving and we need to continue to build that capability in order to ensure the work continues.
Top Skills' Details
Need to have 5+ years of experience in this space** any less they will be too junior
1) Deep practical experience of securing at least one hyperscale CSP (AWS, Azure, GCP)- How to develop the control specifications that go into these environments in order to migrate to them
2) Experience designing and implementing Security Controls for CSP environments. Hands on experience in designing controls, doing control implementation work and collaborating on the design piece and know how to respond to events on those controls
3) Experience with designing and implementing M365 Security Controls
4) Deep familiarity with several of NIST 800-53, CSA CCM, Mitre AT&ACK for Cloud, Microsoft Cloud Security Baseline and similar frameworks
5) Familiarity with key domains of Cloud security, including IAM, Data Security, Vulnerability Management, Network Security, etc.
Nice to haves:
• Experience of highly regulated environments (FSI preferred) - generic implementation versus a
• At least one Cloud security certification (e.g. CCAK, CSP-specific specializations)
• Hands-on experience of CSPM solutions such as MS Defender, Wiz
Candidates must be able to articulate the following:
- the differences in IAM (AWS and Azure)
- Control framework development and control design thinking
- Vulnerability scanning and management
- Code and IaC pipeline
• How Azure IAM works
• The differences between AWS and Azure IAM
• What Azure resources consist of
• How to secure an IaC pipeline
- what the key OWASP vulnerabilities are
Responsibilities:
- They will work in Jira and Wiki to manage the work and documentation, manager has developed about 70 different pages for this work they will be able to come in and review and use
- Focus on Azure exclusively and then flip to AWS after that
- Create a spreadsheet with the controls and build those out
- Securing a CSP environment (AWS, Azure or GCP)
- Designing and implementing Security Controls for a CSP environment
- Designing and implementing M365 Security Controls
Additional Skills & Qualifications
• Able to work well with others, but be a self-starter
Employee Value Proposition (EVP)- This is an area thats growing rapidly which is very few compared to other groups internally and externally, new leader overseeing the Cloud Security organization has Cloud Security expertise from Google and was also the CISO at Walt Disney and has tremendous support within the bank, focused on shaping the cloud strategy within one of the largest banks, growing and lot to focus on.
Work Environment
Candidate must sit in one of the two markets - Chicago, IL and Denver, CO – 3 days onsite/ 2 days remote
Business Drivers/Customer Impact
Migrating to the public cloud (AWS and Azure) and need to ensure Security Controls are in place before anything can move over to make sure its secure and reduce any risk to the bank. Enable the bank to use the cloud securely, provide that enablement to the entire enterprise, if we don't have the right Security Controls in place we can't deploy, if we can't show compliance and risk and compliance team will block future cases.
About TEKsystems:We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.
The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.