Contract Cyber Security Specialist

Job Description

Job DescriptionJob Title: Cloud Cyber Security Specialist | Contractor
Location: Remote – Must be Easter Time Zone
Compensation: $120,000 - $150,000 USD

About Centric Software:

Centric Software stands at the forefront of innovation, delivering cutting-edge PLM solutions tailored specifically for the retail, fashion, footwear, luxury, and consumer goods industries. Our enterprise software applications are designed to meet the unique challenges of the fast-moving consumer goods market, empowering businesses to manage, optimize, and execute their critical processes with ease.

From concept to production, our software solutions streamline the journey of bringing products to life. We support our customers in effectively managing materials, sourcing, quality, and pricing, ensuring every step leads to a successful final catalog. With Centric Software, businesses can navigate the complexities of product development with confidence and agility. www.centricsoftware.comJob Summary
Centric Software is seeking a Cloud Security Manager to join our dedicated CyberSecurity team. This role is both hands-on and governance-focused; you’ll secure our AWS and Azure environments while also ensuring compliance.

If you’re passionate about cloud security, comfortable with both engineering and audits, and want to make an impact in a global SaaS environment, we’d love to meet you.Responsibilities

• Partner with security and engineering leadership to design and communicate a scalable, resilient cloud security roadmap that aligns with business objectives.
• Establish regular team practices to ensure security champions are accountable for their deliverables, with risks and priorities clearly communicated to stakeholders. Project timelines, SLAs, and delivery estimates are transparent and agreed upon in advance.
• Develop and maintain cloud security programs to ensure compliance with regulatory requirements and privacy laws, while anticipating future industry developments and emerging threats.
• Serve as the primary point of contact for cloud security initiatives, requirements, and escalations, providing subject matter expertise and proactively communicating security posture to both technical and non-technical stakeholders.
• Support employee retention and growth by mentoring and coaching the team, fostering a people-first culture with clear expectations and structured support to achieve high performance.
• Define and track key performance indicators (KPIs), objectives and key results (OKRs), and security metrics to demonstrate the effectiveness of the cloud security program, ensuring integration with Vulnerability Management, GRC, and Security Operations.

What You’ll AchieveIn the first 3 months:

• Perform a full technical review of AWS and Azure environments, validating IAM configurations, network segmentation, encryption, and logging settings.
• Deploy and tune cloud-native detection and monitoring tools (AWS GuardDuty, Security Hub, Azure Defender) integrated into Cortex XSIAM.
• Conduct initial vulnerability scans across workloads (VMs, serverless, and SaaS integrations) and establish a remediation priority list.
• Review existing ISMS documentation and map cloud-specific controls to ISO 27001, SOC 2, and NIS 2 requirements.

In the first 6 months:

• Implement automated compliance checks for ISO 27001 Annex A controls using cloud-native policies and CSPM tools.
• Develop and document a cloud security governance framework including policies, standards, and operational baselines for AWS and Azure.
• Work with CloudOps and DevOps to integrate secret management (Keeper PAM, Key Vault, Secrets Manager) into CI/CD pipelines and operational processes.
• Establish reporting cadence for cloud security metrics, risks, and progress updates to leadership.

In the first 12 months:

• Lead penetration testing and red team exercises targeting AWS and Azure environments, validating incident response playbooks.
• Demonstrate measurable improvements in cloud governance KPIs (policy adoption, reduced misconfigurations, faster vulnerability remediation, improved audit evidence quality).
• Deliver the annual cloud security risk assessment and strategy roadmap, providing technical evidence and governance updates mapped to ISO 27001, SOC 2, and NIS 2 requirements.
• Present a multi-year cloud security strategy aligned with Centric’s ISMS program and business objectives.

Qualification

• 7–10 years in cybersecurity with at least 5+ years of hands-on cloud security experience (AWS & Azure).
• Strong technical expertise in:
  • AWS (IAM, GuardDuty, Security Hub, KMS, Config, CloudTrail).
  • Azure (Entra ID, Key Vault, Defender for Cloud, Sentinel).
• Experience with cloud SIEM/SOAR, vulnerability management, and incident response (e.g., Cortex XSIAM, Tanium, CrowdStrike).
• Proven ability to develop and implement cloud security governance frameworks, policies, and strategies.
• Knowledge of compliance and regulatory frameworks: ISO 27001, SOC 2, NIS 2, GDPR.
• Strong background in risk assessments, audits, and ISMS-aligned control design.
• Excellent communicator, able to explain technical risks to executives and provide actionable guidance to engineers.

Certifications (Preferred)

• Cloud Security (Highly Preferred):
  • AWS Certified Security – Specialty
  • Microsoft Certified: Cybersecurity Architect Expert
  • Microsoft Certified: Security Operations Analyst Associate
  • CCSK (Certificate of Cloud Security Knowledge)
  • CCSP (Certified Cloud Security Professional)
• Governance & Compliance (for ISMS alignment):
  • ISO 27001 Lead Implementer or Lead Auditor
• Optional Add-ons (Nice to Have):
  • GIAC Cloud Security Engineer (GCLD)
  • GIAC Cloud Incident Response (GCIR)

The US base salary range for this full-time position is $120,000 - $150,000 plus variable.   Our salary ranges are determined by role, level and location.  The range for each job posting reflects the minimum and maximum target for new hire salaries for the position across all US locations.  Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience and relevant education or training.  Please note that the compensation details listed reflect the base salary and certain positions may be offered with additional variable incentives.

Centric Software provides equal employment opportunities to all qualified applicants without regard to race, sex, sexual orientation, gender identity, national origin, color, age, religion, protected veteran or disability status or genetic information.

Centric Software provides equal employment opportunities to all qualified applicants without regard to race, sex, sexual orientation, gender identity, national origin, color, age, religion, protected veteran or disability status or genetic information.

Powered by JazzHR

Mkt0PHweLZ