Technology Consulting-Cloud Security Architect-Manager (1585296)

At EY youll have the chance to build a career as unique as you are with the global scale support inclusive culture and technology to become the best version of you. And were counting on your unique voice and perspective to help EY become even better too. Join us and build an exceptional experience for yourself and a better working world for all.

Job Summary

Title: Cloud Security Manager

We are seeking a highly skilled Cloud Security Manager with extensive experience in securing cloud environments across AWS Azure and GCP. The ideal candidate will have a strong background in cloud security architecture governance risk management and compliance (GRC) ensuring the security of cloudbased applications data and infrastructure.

The Cloud Security Manager will work closely with security IT and engineering teams to define and implement security best practices policies and frameworks aligning with industry standards and regulatory compliance requirements.

Key Responsibilities

Cloud Security Strategy And Architecture

• Design implement and manage security controls across AWS Azure and GCP environments.
• Define cloud security strategies security reference architectures and best practices.
• Conduct risk assessments and threat modelling for cloudbased applications and services.
• Implement Identity and Access Management (IAM) Zero Trust Architecture (good to have) and least privilege access controls.
• Oversee cloud network security encryption key management and data protection mechanisms.

Compliance & Governance

• Ensure compliance with industry standards and regulations such as ISO 27001 NIST CIS PCI DSS HIPAA GDPR and SOC 2.
• Develop implement and monitor cloud security policies procedures and controls.
• Collaborate with legal audit and compliance teams to ensure regulatory adherence.
• Conduct cloud security assessments and audits to identify gaps and drive remediation.

Cybersecurity & Risk Management

• Identify assess and mitigate cloud security risks and vulnerabilities.
• Implement cloudnative security tools such as AWS Security Hub Azure Defender Google Security Command Center etc.
• Develop and enforce incident response and security monitoring processes for cloud environments.
• Work with SOC teams to integrate SIEM threat intelligence and security automation (SOAR) solutions.
• Manage cloud security posture management (CSPM) and cloud workload protection platform (CWPP) solutions.

DevSecOps & Security Automation

• Integrate security into CI/CD pipelines to ensure secure application development.
• Automate security testing using SAST DAST and IaC security scanning tools.
• Work with DevOps teams to enforce secure coding practices and cloud security configurations.

Team Leadership & Collaboration

• Lead and mentor security engineers analysts and cloud teams in security best practices.
• Collaborate with crossfunctional teams to embed security into cloud development and operations.
• Conduct security awareness training for development operations and business teams.

Required Qualifications & Skills

Technical Skills

• Strong expertise in AWS Azure and GCP security services (IAM KMS Security Groups VPC Azure Defender Google SCC etc.).
• Indepth knowledge of cloud security architecture network security and workload protection.
• Experience with security frameworks (NIST CIS ISO 27001) and regulatory compliance.
• Handson experience with SIEM SOAR CSPM CWPP and Endpoint Security solutions.
• Expertise in Identity & Access Management (IAM) Privileged Access Management (PAM) and MultiFactor Authentication (MFA).
• Knowledge of DevSecOps Infrastructure as Code (IaC) security and security automation.
• Handon experience in developing project related technical documents reports artefacts policy/procedure documents etc.

Certifications (Preferred but not mandatory)

• CISSP (Certified Information Systems Security Professional)
• CCSP (Certified Cloud Security Professional)
• AWS Certified Security Specialty
• Microsoft Certified: Cybersecurity Architect Expert
• Google Professional Cloud Security Engineer
• CISA CISM or CRISC (for compliance and risk management expertise)

Soft Skills

• Strong leadership and stakeholder management abilities.
• Excellent problemsolving analytical and decisionmaking skills.
• Ability to work in a fastpaced and evolving cloud security landscape.
• Consulting experience in a client facing environment is a must
• Travel to MENA region for project delivery

EY Building a better working world

EY exists to build a better working world helping to create longterm value for clients people and society and build trust in the capital markets.

Enabled by data and technology diverse EY teams in over 150 countries provide trust through assurance and help clients grow transform and operate.

Working across assurance consulting law strategy tax and transactions EY teams ask better questions to find new answers for the complex issues facing our world today.