You will: (responsibilities)
• Developing, testing, and deploying GCP Security Controls across the firm’s cloud tenants through 3rd part SaaS solutions
• Evaluating Firm cloud security requirements and assess how these can be implemented into Detective cloud controls
• Working closely with vendors and partner squads to develop, deploy, and test Cloud security services
• Developing and generating compliance reports that showcase the cloud infrastructure’s drift management status
• Working with resource owners to remediate configuration drifts
• Defining priorities, coordinating with peer teams, and leading continuous improvement efforts of security tools, systems and processes
• Research, investigate and implement newer technologies to continually evolve security capabilities
• Integrating, configuring, documenting, and deploying compliant infrastructure and supporting services in the Cloud platform
• Troubleshooting problems, analysing root cause, and (where possible) fixing bugs introduced by owned or managed security solutions
• Collaborating with Risk Management, Security Architecture, and Cyber Incident Response teams to ensure necessary controls to Cloud services are deployed and tested
• Working in a globally distributed team to provide innovative and robust Cloud-centric solutions
You have: (must-have skills)
• Deep knowledge of GCP Infrastructure and Services
• Knowledge of the Shared Responsibility Model; keen understanding of the security risks inherent in hosting cloud-based applications and data
• Experience developing across the security assurance lifecycle (mainly detect & respond controls)
• Experience configuring native CSP security tooling and capabilities
• Deep understanding of DevOps processes and workflows.
• Working knowledge of the Secure SDLC process.
• Experience with Infrastructure as Code (IaC) tooling such as Terraform
• Strong in scripting languages such as PowerShell, Python and Bash.
• Experience creating technical architecture documentation.
• Excellent communication, written and interpersonal skills.
• Experience in IT Service Management.
• Ability to articulate complex technical concepts to non-technical stakeholders.
You might also have: (nice to have skills)
• Experience with CSPM and SaaS 3rd party solutions
• Understanding of OPA/REGO
• Knowledge of Agile best practices and methodologies
• Familiarity with Logging and data pipeline concepts and architectures in cloud.
• Experience with risk control frameworks and engagements with risk and regulatory functions
• Experience in the financial industry
• Azure, AWS and/or GCP Certifications
• Security certification such as CISSP, GIAC, CISM, OSCP or equivalent
• Configuration management and patch management using automated tools
• Experience with governance, risk and cybersecurity frameworks such NIST CSF, COBIT 5, ISO 27001/2, ITIL
• Familiarity with standard Azure/AWS/GCP security tooling such as Security Command Center, VPC Service Controls, Azure Monitor, Azure Policy, AWS SCP, AWS Config, AWS IAM Permission Boundary
• Practical experience in designing and configuring CICD pipelines.
• Practical experience in GitHub Actions and Jenkins.