Job Description
Responsibilities:
- Own security architecture and control frameworks across self-built data centers, OCI, AWS, Azure, and GCP in hybrid/multi-cloud environments.
- Implement defense-in-depth controls across IaaS, PaaS, containers, and IAM for infrastructure.
- Lead threat modeling and architecture reviews to identify and mitigate risks before production.
- Embed automated security scanning, policy-as-code, and approval gates into CI/CD pipelines.
- Build scalable IaC frameworks to enforce security baselines and eliminate configuration drift.
- Partner with engineering, infrastructure, and business teams to shift security left in the design lifecycle.
- Drive control maturity through regular assessments and a roadmap focused on automation and operational efficiency.
- Design and mature cloud network security controls - including VPC architecture, micro-segmentation, and firewall policies, and establish centralized security logging and audit trail coverage.
Qualifications
Minimum Qualifications:
- Proven expertise in designing and implementing security controls across Hybrid and Multi-Cloud environments (e.g., Data Centers, AWS, Azure, GCP, OCI).
- Hands-on experience with key cloud security tooling and concepts (CSPM, CNAPP, CASB, DLP).
- Solid experience with threat modeling, risk assessment methodologies, and security validation techniques.
- Demonstrated ability to automate security control implementation and validation using tools or scripting.
- Strong working knowledge of industry security frameworks (e.g., NIST CSF, ISO 27001) and regulatory requirements (e.g., GDPR, SOX)
Preferred Qualifications:
- 5+ years of professional experience in cybersecurity, with a primary focus on cloud and infrastructure security.
- Master’s degree in a technical field or holding a relevant professional security certification (e.g., CISSP, CCSP, CCSK, or Cloud Security Specialty certifications).
- Proven experience working within a large-scale, global enterprise or highly agile, fast-paced technology environment.
- Deep hands-on experience developing internal security tools and utilities in Python or Go for security validation, observability, and enforcement across hybrid cloud landscapes.
- Deep familiarity with securing modern infrastructure technologies, including containerization (Kubernetes/Docker), Zero Trust Architecture, SASE, and CI/CD security integration.
- Demonstrated expertise in advanced automation and validation techniques, such as Policy-as-Code (e.g., OPA/Rego, Sentinel) and continuous control validation platforms.