The Cloud Security Specialist is a technical role responsible for supporting the development of security strategies and architectural vision for the company’s cloud initiatives. This position combines strategic thinking and technical expertise to deliver practical solutions for real-world security challenges. The specialist will collaborate with multiple teams across the enterprise, acting as a Subject Matter Expert for designing and deploying automated security solutions. A passion for the "Everything as Code" concept and empowering teams to address cloud security challenges proactively is essential.

Roles and Responsibilities Provide expert guidance for implementing and evolving secure cloud and container architectures, including best practices across IaaS, PaaS, SaaS, and hybrid configurations. Develop and evolve continuous monitoring solutions to validate systems against security baselines, address policy violations, and ensure compliance with security standards. Identify and propose innovative technology solutions for cloud and container environments to enhance automation, security, developer enablement, and process efficiency. Collaborate with developers, system administrators, and IT management to align security controls with company objectives, promoting secure-by-design principles. Design and implement secure cloud architectures, including network security, IAM, data encryption, and other critical security measures. Ensure compliance with security standards and frameworks (e.g., GDPR, HIPAA, ISO 27001) across all cloud initiatives. Introduce automation and innovative technologies in cloud security processes to enhance efficiency and scalability. Provide input on the design and deployment of automated security solutions to enhance security efficacy. Train internal teams on cloud security best practices, emerging threats, and security awareness to foster a security-first culture. Analyze attacker techniques and implement measures to mitigate risks, ensuring cloud resilience against evolving threats. Stay updated on the latest cybersecurity trends and proactively address vulnerabilities to mitigate risks. Requirements Education: Bachelor’s degree in Computer Science, Information Technology, or a related field. Advanced degrees or certifications (e.g., CISSP, CCSP, AWS Certified Security – Specialty) are preferred. Experience: Minimum of 7 years in network, application, cloud, or infrastructure security, showcasing a comprehensive understanding of security principles. Cloud Expertise: Strong experience in AWS, Azure, and Google Cloud, with expertise in IAM, VPC, Security Groups, and encryption services. Networking Skills: Proficient in networking concepts, protocols, and secure network architecture design. Cloud-Native Architectures: Experience with microservices, container orchestration, and operational best practices. Security Integration: Proven ability to integrate enterprise-scale security solutions in AWS and/or Azure. Automation: Proficiency in tools like Git, Terraform, Ansible, Jenkins, and experience with Python is a plus. Standards & Compliance: Familiarity with NIST, CIS, FIPS, PCI DSS, HIPAA, and FIPS 140-2. Knowledge of SOC, FFIEC, CSA, and FedRAMP is advantageous. Risk Management: Strong understanding of IT risk management, security policies, and compliance standards. Communication Skills: Excellent interpersonal skills to collaborate effectively with cross-functional teams and communicate technical concepts to non-technical stakeholders.