Responsibilities
Security and Compliance:
Develop and maintain comprehensive security policies, standards, and procedures to protect our cloud environment.
Ensure compliance with industry standards and regulations, such as SOC 2, GDPR, and PCI DSS.
Conduct regular security assessments and vulnerability scans to identify and mitigate risks.
Implement robust security controls, including access management, encryption, and data loss prevention.
DevOps and SRE:
Collaborate with DevOps teams to integrate security into the software development lifecycle (SDLC).
Automate security tasks and processes using scripting and configuration management tools.
Define and monitor Service Level Agreements (SLAs) and Service Level Objectives (SLOs) to ensure high availability and performance.
Participate in incident response and disaster recovery planning.
Cloud Infrastructure and Operations:
Design and implement cloud-native and agnostic architectures that are scalable, resilient, and secure.
Manage and optimize cloud infrastructure costs across multiple cloud providers (AWS, GCP, On-prem).
Monitor and troubleshoot cloud infrastructure performance and health.
Ensure the security and compliance of databases and data storage solutions.
Analytics and Dashboards:
Develop data ingestion and data lake pipelines to collect and store relevant data.
Create interactive dashboards and visualizations to provide insights into security, compliance, and operational metrics.
Qualifications
Bachelor's degree in Computer Science, Information Systems, or a related field.
4-5+ years of experience in cloud security, compliance, or DevOps.
Strong understanding of cloud platforms (AWS, GCP) and their security best practices.
Experience with security tools and frameworks, such as vulnerability scanners, intrusion detection systems, and SIEM solutions.
Proficiency in scripting languages (Python, Bash) and configuration management tools (Ansible, Terraform).
Knowledge of compliance frameworks like SOC 2, GDPR, and PCI DSS.
Strong analytical and problem-solving skills.
Excellent communication and collaboration skills.
Preferred Qualifications
Certifications in cloud security (AWS Certified Security - Specialty, GCP Certified Professional Cloud Security Engineer) or compliance (CISM, CISSP).
Experience with containerization technologies (Docker, Kubernetes).
Knowledge of data analytics and visualization tools (Tableau, Power BI).