Cloud Technology Partners · Jul 17th 2018
Analyze and design security solutions for applications and infrastructure, and provide expertise and consulting to clients.
Identify and document information security risks and propose mitigating controls
Will be responsible for understanding complex business IT needs, requirements, and projects scopes, with a focus on information security requirements.
Research, design, and develop new information security controls for clients
Assess current IT environments and make recommendations to increase security
Assist clients in troubleshooting and resolving information security issues
Author project and support documentation and diagrams
Implement security solutions.
Skills & Requirements
Assessed, developed and implemented, operationalized and documented comprehensive security technologies and processes.
Secure software development, data protection, cryptography, key management, identity and access management (IAM), network security (VPNs) within SaaS, IaaS, PaaS, and other cloud environments.
Architected solutions within Amazon Web Services (AWS) and other cloud providers and SOA for cloud-based services.
Worked with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies.
Performed security design/architecture reviews, code reviews, and penetration tests of large applications, systems and/or networks.
Worked on large scale cloud based services (including SaaS, PaaS, IaaS) and understand security challenges involve in deploying Cloud Applications.
Created and maintained security policies and procedures, managing the protection of information systems and assets.
Performed threat modeling and design reviews assessing security implications and requirements introducing new technologies.
Hand-on experience with multiple security technologies such as Firewalls, Intrusion Detection/Prevention Systems, Vulnerability Scanning, WAF, Wireless LAN, NAC, DLP, DDoS Mitigation, WAN security, SIEM, Content Filtering, Cloud Security gateways, Secure Proxies, SSL crypto solutions.
Solid understanding of a range of compliance, regulatory and legal requirements and relevant principles, best practices and standards across multiple industries. Preferred industries: financial services, telecommunications. Examples would include: PCI, SOX, GLBA, CSA, PCI, NIST, ISO, IEEE, FedRAMP, HIPAA and TCG.
Have working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, SAML, Ping, Okta, etc) and key management (Safenet, Vormetric, other).