Responsibilities:
Security Implementation:
Implement security across multi cloud environments (GCP, AWS, Azure) covering applications, DevSecOps oriented, IT systems, and endpoints.
- Continuously remediate vulnerabilities.
- Assist with incident response efforts, including root cause analysis and the implementation of remediation plans.
Cloud Security: - Oversee the security posture in multi-cloud environments (AWS, GCP, Azure) and services (such as Snowflake, MongoDB, Auth0 and others)
- Familiarity with SIEM, CSPM and DSPM systems, SAST, DAST and CI/CDs
Vendor and Corporate Security Assessment: - Perform security assessments of third-party vendors and partners to ensure compliance with corporate security standards.
- Implement vendor management processes to maintain security controls and compliance across all third-party relationships.
Customer Security Support: - Answer customer security-related questions and assist in responding to RFPs and security questionnaires.
- Support field departments (sales, marketing, etc.) by addressing security concerns, creating customer-facing security documentation, and maintaining a knowledge base with answers to common security inquiries.
Data Security and Privacy: - Protect customer data, including PII, using encryption, DLP strategies, and access controls.
- Enhance email security controls such as DMARC, DKIM, and SPF to protect against phishing and email fraud.
Compliance and Auditing: - Experience with security audits such as ISO 27001, SOC 2, and ensure compliance with global regulations (GDPR, HIPAA, etc.).
- Conduct penetration tests and vulnerability assessments, implementing remediation strategies based on findings.
Qualifications:
Experience:
- 3+ years in security roles, with at least 2 years in cloud security and compliance.
- Expertise in SIEM, CSPM, DSPM , DLP, SAST, DAST and encryption tools
- Experience with cloud-based SaaS platforms (B2B)
- Proven experience managing security audits (ISO 27001, SOC 2) and overseeing penetration tests.
- Experience responding to customer security inquiries and supporting sales and marketing teams.
Technical Skills: - Proficient in cloud security practices across AWS, GCP, and/or Azure.
- Strong knowledge of email security controls such as DMARC, DKIM, and SPF.
- In-depth understanding of security technologies like IAM, VPN, firewalls, IDS/IPS, and encryption.
- Experience with integrating security into CI/CD pipelines through DevSecOps practices.
- Familiarity with endpoint management and device security tools.
- Certifications (preferred):
- CCSP, CISSP, CISM, CISA, or similar security certifications.
- Cloud security certifications (AWS Certified Security Specialty, Google Professional Cloud Security Engineer, etc.).
Soft Skills: - Strong leadership, communication, and documentation skills.
- Ability to collaborate with cross-functional teams and handle customer-facing tasks.
- Analytical mindset and problem-solving abilities.