(Cybersecurity) Lead Cloud Systems Security Engineer

Expected

• Azure

• AWS

• Excellent cloud systems engineering skills, insatiable curiosity and an innate drive to win.

• Strong problem-solving and trouble-shooting skills.

• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.

• Developed external peer network for sharing intelligence

• An understanding of business needs and commitment to delivering high-quality, prompt and efficient service to the business.

• An understanding of organisational mission, values and goals and consistent application of this knowledge.

• Self-motivated and possessing of a high sense of urgency and personal integrity.

• Highest ethical standards and values.

• Experience defining and refining operational procedures, workflows and processes to support the team in consistent, quality execution of monitoring and detection.

• Good understanding of cyber security principles, global financial services business models, regional compliance regulations and laws.

• Good understanding and knowledge of common industry cyber security frameworks, standards and methodologies, including; OWASP, MITRE ATT&CK, ISO2700x series, PCI DSS, GLBA, EU data security and privacy acts, FFIEC guidelines, CIS and NIST standards.

• Good communication and interpersonal skills with the ability to produce clear and concise reports for targeted audiences across internal and external stakeholders.

• Ability to speak, read and write in English, in addition to your local language.

• At least 5 years’ experience building and tuning highly available infrastructure in either of the cloud environments AWS, Azure or GCP

• Deep understanding of current AWS, Azure, GCP capabilities, limitations, and costing methodologies;

• Hands-on experience designing effective and scalable security strategies using IAM roles/ policies;

• Hand-on experience with AWS, Azure & GCP foundation services related to compute, network, content delivery, administration and security, deployment and management, automation technologies.

• Lead the design, implementation, testing, documenting of infrastructure technologies with varying degrees of hands-on execution tasks.

• Ability to build architectures and provide prescriptive guidance across network, storage, operating systems, virtualization, RDBMS & NoSQL databases, mid-tier technologies that include application integration, Streaming, in-memory caches, and security.

• Ability to facilitate architecture decisions related to AWS, Azure & GCP services (Route 53, ELB, EC2, ECS, SQS, SNS, CloudWatch, Lambda, Dynamo DB, Kinesis, etc.)

• Experience with core Google Cloud services including Compute, IAM, VPC, Cloud Run, and GKE.

• Experience working with container and serverless technology.

• Strong experience in building and deploying applications on the Cloud, using CI/CD frameworks and Infrastructure automation.

• Expert level of knowledge and demonstrated experience of common log management suites, Security Information and Event Management (SIEM) tools for the collection and real-time analysis of security information.

• Expert level knowledge of one of more leading Cloud platforms including Microsoft Azure, Amazon Web Services, Google Cloud Platform and Alibaba Cloud.

• Expert level knowledge of security event logging, monitoring, detection and response on one or more of the leading Cloud platforms using tools and native capabilities such as AWS GuardDuty, Azure Sentinel, Google Security Command Center and Alibaba Cloud Security Center.

• Excellent knowledge and demonstrated experience of common operating systems and platforms to include Windows, Linux, UNIX, Citrix, GSX Server, iOS, OSX, etc.

• Excellent knowledge of common network protocols such as TCP, UDP, DNS, DHCP, IP, HTTP, etc. and network protocol analysis suites.

• Functional knowledge of scripting, programming and/or development of bespoke tooling or solutions to solve unique problems.