Description
Cloud Security SME AWS, Azure, VMware
New York
Start ASAP, duration 3-6-12 months.
Can pay up to $1275.
Desired Skills and Education
- Expertise in cloud security technologies, including:
- Cloud and virtualization platforms such as AWS, Azure, VMware
- Infrastructure tools available, and in support of, cloud technologies
- Security tools that are appropriate and relevant for use in cloud solutions
- Knowledge of current financial, regulatory, compliance requirements
- Knowledge of current privacy regulations
- Knowledgable in one or more current compliance and regulatory frameworks such as ISO 27001, SOC 2, CSA CCM, and PCI
- Excellent written and spoken English
- spelling, grammatical accuracy and written style
- Comfortable working in the global business culture of leading enterprises
- Personable and comfortable working with senior professionals
- Security certifications such as CISSP, CISM, CSA CCSP are desirable but not mandatory
- Completely comfortable with the modern tools of document production, the MS Office suite
- A life-long learner, committed to personal improvement and professional practice, with a restless intellect and genuine interest in working with cutting-edge technologies.
Job Description
You are an experienced information technology security professional with an eye for the intersection of security, compliance, risk management, and business opportunity. You understand the business benefits provided by the cloud', as well as the challenges the cloud' presents. You have guided organizations in creating transformational solutions that answer these needs. You are an excellent listener, and as a result, people listen to you. You take careful notes of what the clients say and share with colleagues to ensure that we collectively develop the right solutions for our clients. You are creative and knowledgeable. You are also able to communicate complicated security, compliance and technical topics in simple terms. You can differentiate between people, processes and technology, and the importance of each in any solution. You believe that security can be an enabler and that a balance is necessary between business opportunities and security.
You enjoy being an integrated part of a team of highly experienced experts who work out solutions to customer problems. You prefer working in an integrated manner with technologists, developers, business stakeholders, and compliance managers. You believe active participation is the best path to finding viable solutions.
You have a strong knowledge in a broad range of modern IT Security solutions and what they can and cannot contribute to security and compliance. You have experience in applying these solutions at one or more major companies.
You have knowledge of current financial and privacy regulations as well as certification frameworks such as ISO 27001, SOC 2, CSA CCM, and PCI.
You are willing to spend time at client premises to engage with the client. You are also self-motivated and able to work effectively from your home.
Primary Responsibilities
- Participating in IT Security and Compliance workstreams in enterprise deployments of Public Cloud solutions
- Utilizing an agile program approach, including an ability synthesize and commit to weekly deliverables
- Partnering with customer experts in Risk, Compliance and IT Security to understand their requirements
- Guiding customers towards appropriate risk management, security and compliance solutions
- Designing security solutions that satisfy customer's security and compliance needs
- Analyzing client-proposed solutions and tactfully presenting where improvements should be made
- Producing high quality documentation as required. This will include architecture diagrams and written commentary on proposals
- Presenting the consequences of the client's preferences in tactful but clear terms
- Advising where the client may be MIS-interpreting regulations either in a way that is stricter than intended or inadequately strict.
- Noting the consequences of such interpretations
- A relentless focus on solutions that provide business benefits. Warning when there is any appearance of technology for its own sake.