SOC Cloud Security SME

A Cyber SOC Cloud Security SME - plays a crucial role in safeguarding the organization against cyber threats by designing enabling and implementing the cloud security and governance processes and technical oversight. Heres a detailed job description for such a role:

Overview:

As a SOC cloud security SME you will require deep technical expertise in cloud security frameworks hands-on experience with any security and SIEM tools and the ability to guide enterprise-wide security initiatives. The role will require you to drive our cloud security strategy architecture and implementation across multi-cloud environments including but not limited to the management of the security tooling used for exposure management threat hunting and cloud security posture management across multi-cloud environments. The role requires partnership with multiple groups including SOC threat intelligence management exposure management cloud operations cloud engineering and architecture teams on related activities which can include incorporating other intelligence from various sources assess the relevance and provide actionable insights to enhance our cybersecurity posture.

Key Responsibilities:

Technical tools implementation and oversight:

Manage the Cloud Security tools platform including maintenance of policies procedures and rule sets. Configure and optimize cloud security tools for CSPM CWPP CNAPP SIEM integration. Provide domain expertise in cloud security and compliance and be a trusted technical advisor. Propose solutions to cloud security and compliance challenges. Recommend cloud security architectures and solutions to meet and exceed security requirements. Define technical control requirements evaluate existing tool effectiveness and propose solutions to enhance the companys security posture

Governance and Compliance:

Ensure compliance with industry standards like SOC 2 ISO 27001 CIS Controls OWASP GDPR. Develop security monitoring alerting and incident response procedures. Conduct security reviews of cloud deployments and configurations. Maintain security documentation and runbooks. Perform cloud security assessments code audits and design reviews

Incident Response and Investigation:

Conduct in-depth investigations into security incidents anomalies and breaches partnering with cloud support engineering and architecture teams.

Collaboration and Communication:

Partner with Threat Intelligence and SOC teams to conduct research for identification of new attack vectors. Collaborate with Exposure Management team to facilitate mitigation of vulnerabilities. Collaborate with other infrastructure and application teams business stakeholders and management to ensure effective cloud security monitoring and incident response.

Work with architecture and engineering teams in specifying technical requirements to support shared components deployed according to NIST CIS Controls OWASP and other applicable security privacy requirements frameworks and compliance requirements.

Documentation and Knowledge Management:

Maintain comprehensive documentation of Cloud security configurations operational procedures and security findings for knowledge sharing and audit purposes. Maintain incident response documentation as needed.

Qualifications :

Strong understanding of cybersecurity concepts and best practices.

Certified Information Systems Security Professional (CISSP) Certified Cloud Security Professional (CCSP) Certified Ethical Hacker (CEH) or other relevant certifications.

Experience with various public cloud services Using Azure / AWS / GCP strongly preferred.

Preferable: Experience in CrowdStrike Ecosystem particularly with Falcon platform modules (Endpoint Protection Cloud Workload Protection Identity Protection)

CSPM Tools: Proficiency with CrowdStrike Falcon Cloud Security (preferred) or equivalent platforms (Prisma Cloud Wiz Orca Security)

Infrastructure: Kubernetes containers serverless architectures

Automation: Terraform CloudFormation scripting (Python PowerShell)

Networking: VPCs firewalls load balancers DNS security

Identity: IAM SSO privileged access management

Solid understanding of computer and network security including but not limited to cryptography (PKI certificate management etc.) network protocols and relevant work experience in web application security

Experience with security testing methodologies and tools

Experience with security tools including SIEM SOAR vulnerability scanners endpoint detection systems.

Knowledge of various security technologies (e.g. firewalls intrusion detection systems endpoint security).

Proficiency in scripting languages (e.g. Python PowerShell).

Proven Experience with log analysis and data visualization tools.

Excellent analytical problem-solving and troubleshooting skills.

Strong communication and interpersonal skills.

Ability to work independently and as part of a team

Additional Information :

Note: Syngenta is an Equal Opportunity Employer and does not discriminate in recruitment hiring training promotion or any other employment practices for reasons of race color religion gender national origin age sexual orientation gender identity marital or veteran status disability or any other legally protected status.

Follow us on: Twitter & LinkedIn page Work :

No

Employment Type :

Full-time