- Cloud Governance and Standards
- Risk & Exception Management: Run risk assessments on cloud services/workloads; propose compensating controls; operate an exception register with expiry dates and a review cadence.
- Identity & Access Governance: Design RBAC/ABAC models, SoD matrices, privileged access patterns and break-glass procedures; lead quarterly access reviews with evidence capture.
- Data Protection: Classify data; specify encryption at rest/in transit; key management lifecycle (KMS/Key Vault/Cloud KMS), BYOK/HYOK guidance, DLP guardrails.
- Logging & Monitoring Requirements: Define mandatory telemetry (CloudTrail/Azure Activity/GCP Audit), retention/integrity controls, and SIEM onboarding schema/use cases.
- Posture Management (CSPM/CIEM/CNAPP): Configure and tune policies; triage high-severity findings; route ownership; track remediation SLAs and metrics.
- IR Enablement (Cloud): Author cloud-specific playbooks (privilege escalation, exposed storage, key compromise); define evidence collection and containment prerequisites for the SOC.
- Compliance & Audit Readiness: Map controls to ISO 27001, GDPR, NIA, Qatar Cloud Policy and similar frameworks; produce test procedures and evidence plans; support audits without material findings.
- Stakeholder Communication: Clear, concise risk narratives and decision records for engineering leads, product owners and auditors.
- Nice-to-Have / Depth Areas:
- DevSecOps Oversight: Policy-as-code checks (OPA/Kyverno/Conftest), IaC compliance gates (Terraform/ARM/Bicep), artifact integrity (signing/SBOM/SLSA); governance focus.
- Kubernetes/Container Governance: Pod Security Standards, admission policy governance, registry controls and runtime policy baselines.
- SaaS Security Reviews: Due diligence and ongoing assurance for high-risk SaaS (identity, data residency, logging, export controls).
- Data Residency & Sovereignty: Regulatory mapping and guardrail design for regional constraints.
Requirements
- Bachelor's degree in Computer Science, Information Security or IT, or equivalent hands-on experience.
- Certifications (nice-to-have): CCSP, CISSP, ISO 27001 Lead Implementer/Auditor, Microsoft SC-100/SC-200, AWS Security Specialty, GCP Professional Cloud Security Engineer.
- Knowledge: CIS Benchmarks, ISO 27001/27017/27018, NIST 800-53/CSF, CSA CCM, MITRE ATT&CK (Cloud).
- 5+ years in cloud security (governance/assurance) with hands-on experience in at least one major cloud.