London, EN GB
The Cloud Security Director is a technology and process focused security leader with an emphasis in information security, c loud architecture, cloud infrastructure engineering, cloud incident response and DevSecOps. The Cloud Security Director is responsible for defining and leading the cloud security program by collaborating with product stakeholders to develop solutions to enable the business.
• Lead the development and execution of cloud architecture initiatives and set forth strong cloud security design principles and processes
• Provide guidance for security remediation to business and IT partners. Speaking the DevOps and product team’s language by demonstrating real, practical risk and value.
• Develop cloud security processes and procedures to meet incident response and participate in security incident response process as cloud SME.
• Research, innovate, and design cloud-first security solutions.
• Partner with DevOps and product leadership to champion secure cloud development practices and build cloud security automation into their pipelines.
• Define SOAR Solutions to solve gaps integrating security into cloud environments.
• Collaborate with senior management and department leaders to assess near- and long-term cloud security needs
• Stay current with the latest cloud threat mitigation tools and techniques
• Mentor members of staff and act as a centre of cloud security engineering excellence
• Strong understanding of cloud-based infrastructure components with specific understanding of the security risks presented in a decentralized and hybrid environment.
• 10+ years of experience in information security with demonstrated experience in leading, building, implementing and continuous maturing security programs
• 8+ years of management experience that includes overseeing technical directs reports
• Proven competency in strategic thinking and leadership.
• Ability to create processes from product engineering point of view and partner with leadership to shape the future state of products and cloud strategies
• Real-world experience with the following:
• Security administration in AWS/GCP/Azure
• CI/CD and DevOps Tooling (Git, Jenkins, CircleCI)
• Infrastructure as code tools (Pulumi, Ansible, CloudFormation, Terraform)
• Command Line usage (Bash, Powershell)
• Network & Infrastructure engineering
• Cloud native security related tools (AWS Guard Duty, AWS WAF, GCP Security Center)
• Elastic Stack
• Docker and Kubernetes
• Excellent verbal and written communication skills with a strong attention to detail
• Remains productive while rapidly switching context
• Thirst for knowledge and constantly driven to stay current with evolving threat landscapes