Manager - Info Security/Cloud Security
My Client is an industry-recognized Managed Desktop as a Service (DaaS) provider focused on Virtual Desktops and Digital Workspace technology globally.
Position : Manager Information Security - Cloud Security
Requirement :
- To manage Information Security related to Cloud based setup (Azure, WVD, AWS)
- To conduct Internal Audits
- To carry out vulnerability assessments and identify systemic security issues based on the analysis of vulnerability report
- To apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)
- Knowledge of Azure Security Centre
- Knowledge of cloud security, cyber security, privacy principles and security frameworks (e.g., ISO 27001, ISO 27017, ISO 27018, PCI, HIPPA, SOX, etc.) relevant to confidentiality, integrity, availability, authentication, non-repudiation
- Knowledge of vulnerability assessment and penetration testing principles, tools, and techniques.
- Knowledge of ethical hacking principles and techniques
- Knowledge of computer networking concepts and protocols, and network security methodologies.
- Network protocols such as TCP/IP, Dynamic Host Configuration (DHCP), Domain Name System (DNS), and directory services.
- Network security architecture concepts including topology, protocols, components, and principles (e.g., application of defence-in-depth).
- Knowledge of system administration concepts for operating systems (such as but not limited to Windows and Unix/Linux operating systems) and operating system hardening techniques.
- Knowledge of data backup and recovery concepts
- Knowledge of cyber threats and vulnerabilities
- Knowledge of social engineering techniques. (e.g., phishing, baiting, tailgating, etc.).
- Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
- Knowledge of Application Security Risks (e.g., Open Web Application Security Project (OWASP) Top 10 list)
Responsibilities :
- Review & Analyze various Cloud Security requirement and advise on implementation
- Be a Change Approver for Cloud Security requirement
- Prepare & Publish Security Advisory Notes, InfoSec Awareness mailers etc.
- Develop and maintain documents (policies, procedures, templates), records, templates related to Cloud Security
- Periodic review of policies, procedures, templates
- Promoting awareness related to Information Security
- Communicate Policies, Procedures, Templates to stakeholders
- Preparing Audit Schedules / Plan, Conduct Internal Audits periodically, Publish Report and track till closure
- Initiate necessary corrective and preventive action
- Periodically Measure & Monitor Cloud Security KPI
- Prepare Management Review Meeting Reports, Plan; Schedule and conduct periodic Management Review Meetings
- Coordinating with Certifying Body
- Representing the management during various external audits (certification & surveillance audits, client InfoSec audits etc.)
- Ensuring the compliance parameters meets the requirement
- Reporting to the top management on the performance, opportunities for improvement, issues, non-conformities, Audit reports etc. related to Cloud Security
Certifications :
- Microsoft Certified Azure Fundamentals
- Certified Cloud Security Professional (CCSP)
- Certificate of Cloud Security Knowledge (CCSK)
- Certificate of Cloud Auditing Knowledge (CCAK
Didn’t find the job appropriate? Report this Job
Download the iimjobs app to
apply for jobs anywhere, anytime
Download on
App Store
Get it on
Google Play
Scan to Download