- Resource should have a good understanding of Cloud Architecture and hands-on experience in implementing a cloud security framework.
- Creating policies to monitor security and compliance.
- Should be able to recommend and determine which cloud standards to enforce.
- Should have worked on implementation of industry standards like Center for Internet Security (CIS) Benchmarks (for AWS, Azure, and GCP), NIST SP 800-207, ISO/IEC 27001, ISO-27017, ISO-27018, GDPR, SOC 2 Audit, PCI-DSS, etc.
- Experience in conducting cloud security audits, continuous cloud security risk assessment, and penetration testing.
- Familiarity with stages of software development (SAST, DAST, RASP, IAST, SCA, pen-testing).
- Familiarity with Cloud Application Security: WAF, Bot Management, API Security, DDoS Services, etc.
- Experience in Cloud security governance and contingency planning.
- Experience in User identity and access management with a zero-trust model (MFA, SSO, conditional access, access control, etc.)
- Familiar with Data security (encryption in transit or at rest and key management) and CASB/DLP (data classification and control, data backup and restore, and data loss prevention)
- Hands-on in Network Security: Rules and Configurations, Firewalls, Security Group Specifications.
- Monitoring and Logging: Hands-on in Vulnerability and Attack Management; Traffic Monitoring; Log Management; Analysis; and Mitigation Strategies. Monitoring and logging with user behaviour analytics (threat detection, continuous monitoring and alerts, incident response, etc.).
- Hardware and Software Security: Physical security, scans, audits, patches, server hardening, configuration hardening, logical segmentation, etc.
- Experience in implementing cloud security solutions based on cloud services (i.e., IaaS, PaaS, SaaS), CSPM, CWPP, CASB, CIEM, SSPM, etc.