Job Description
Pay Range 65hr - 70hr
Responsibilities:
- Application Support: Develops procedures and documentation for applications support.
- Manages application enhancements to improve business performance.
- Advises on application security, licensing, upgrades, backups, and disaster recovery needs.
- Ensures that all requests for support are dealt with according to set standards and procedures.
- Business Process Improvement: Analyzes business processes; evaluates alternative solutions, assesses feasibility, and recommends new approaches, typically seeking to exploit technology components.
- Evaluates the financial, cultural, technological, organizational and environmental factors which must be addressed in the change program.
- Develops business requirements for the implementation of significant changes in organizational mission, business functions and process, organizational roles and responsibilities, and scope or nature of service delivery.
- Information Management: Ensures that the business processes and information required to support the organization are defined and devises appropriate standards, processes and data architectures.
- Evaluates the impact of any relevant statutory, internal or external regulations on the organization's use of information and develops strategies for compliance.
- Problem Management: Ensures that appropriate action is taken to anticipate, investigate and resolve problems in systems and services.
- Ensures that such problems are fully documented within the relevant reporting system(s).
- Leads the development of problem solutions.
- Coordinates the implementation of agreed remedies and preventative measures.
- Evaluates patterns and trends.
- Relationship Management: Facilitates open communication and discussion between stakeholders, acting as a single point of contact by developing, maintaining and working to stakeholder engagement strategies and plans.
- Negotiates with stakeholders at senior levels and ensures that organizational policy and strategies are adhered to.
- Uses feedback from customers and stakeholders to help measure effectiveness of stakeholder management.
- Contributes to the development and enhancement of customer and stakeholder relationships.
- Partner with technical and non-technical team members to assess security risk in business solutions, across varied systems and landscapes.
- Recommend, develop, deploy, and monitor appropriate mitigating controls.
- Document and socialize residual risk.
- Collaborate with cloud experts and cloud novices to implement the Databricks platform in a security minded manner.
- Identify analytical points of interest in raw data exports from security tooling and infrastructure systems, merging with other data sources, and build repeatable reports and automated threat response.
- Develop and deploy automated solutions to monitor, alert, and remediate security and compliance findings in public cloud infrastructure and deployed code.
- Proven experience securing a Databricks data science platform with a GCP Big Query backend.
- Strong Experience in applying industry standard cyber security frameworks and vendor blueprints to business problems.
- 5+ years development experience with solid programming abilities including Powershell, Python, YAML, WebService APIs.
- 5+ years of progressive career experience focusing on GCP Cloud Security and Application Security Architecture.
- Bachelors degree in Computer Science, a related field, or applicable work experience.
- Excellent technical and non-technical documentation skills including security standards, policies, guidelines, and procedures, change documentation, enterprise end-user communications, technical knowledge articles, infrastructure diagrams, and process charts.
- Deeply articulate in security risks associated with SaaS services, their integration with legacy on-premise systems, and commonly associated security solutions.
- Infosec certifications such as ISC2 (CISSP or CCSP) or ISACA (i.e.: CRISC, CISA, CISM, etc).
- Technical infosec certifications such as Google Certified Security Engineer, Google Certified Professional Cloud Architect.
- Experience performing enterprise security risk assessments, selecting appropriate technical controls, liaising with business partners through the project lifecycle, and complete risk-acceptance handling of residual risks.
- Proven ability to design, document, and implement reusable security patterns.
- Experience in designing data protection and privacy-centric security controls in enterprise data-warehouses including ingestion, ETL, storage, analytical consumption, and reporting.
- Experience with integrating code scanning for vulnerabilities into CI/CD pipelines for Cloud Native deployments.
- Experience with AD group structuring.
- Strong leadership skills in accountability and customer focus.
- Proactive and able to catch issues before failures.
- Experience interacting with business users and vendors including vendor management.
- Excellent communication skills; feels comfortable working with non-technical business partners.
- Work with production support and project consultants in an onshore / offshore model.
- Flexibility of providing support during odd hours, weekends, and peak seasons.
- Minimal travel required (training/conferences).