Top Skills'
1) Experience designing and deploying IAM controls into the cloud (both Azure and AWS)
2) Familiarity with common Information Security and data protection frameworks and standards (i.e. CIS - Center of Internet Security, NIST, MITRE, or the CCM - cloud control matrix for the CSA (Cloud Security alliance), dealing with artifacts and methodology around these. Ideally holds one of these certification: CCSK, CCAK - want to be able to look at the control gaps or weaknesses and tie those back to the security requirements in this model and mitigate it and prioritize the gaps of which ones are the attack profiles)
3) Experience with cloud platforms such as Azure, AWS or GCP, in that order
4) Experience evaluating threats/risks posed by new technologies spanning networks, hardware, software, etc.
5) Experience in analyzing advanced cyber threats, with related attack tactics, techniques and procedures and determining best fit mitigations
6) Proficient in Microsoft Office tools (Excel, PowerPoint, Word, SharePoint) with ability to analyze data, distill key data points and effectively present information
Job Description
The IAM Cloud Security Controls Specialist will develop and maintain an inventory of cloud control requirements based on threat models, laws, rules and regulations; track operational readiness of process and technical capabilities to implement the required controls; and ensure the control requirements are appropriately codified in Policy, Standards and Procedures.
This role requires deep knowledge of cloud threat models and related Security Controls. The specialist must be able to understand intent of laws, rules and regulations determine whether existing or proposed operational controls will satisfy the requirements. The specialist must also develop and maintain documentation that accurately describes the current cloud control environment, for review by oversight organizations (Audit, Compliance, Operational Risk, Regulators, etc.)
This role is part of the Cloud Process Integration team, within the Cloud Defense team of Cyber Security Defense organization within Global Information Security (GIS). The Cyber Security Defense team in GIS is a true global operations shop with leading edge tools, processes, and people.This role is basically preparing GIS to move to the cloud, developing a good security framework for PaaS, IaaS, and SaaS, what are those security requirements, using the CSA cloud matrix and how to do that here at the bank, good solid understanding of the security requirements from policies and expectations standpoint, multi deployment of controls.
Hybrid- 3 days onsite/2 remote in Chicago, IL or Denver, CO
About TEKsystems:We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.
The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.