This job ad has been posted over 30 days ago...



Senior Cloud Security Specialist Full-time

at NetSentries in Kuwait (Published at 28-04-2019)

The candidate be will be responsible for ensuring Cloud Security Compliance and Incident Response for our Banking Customer in Kuwait.

As a Senior Cloud Security Specialist, you will use your skills to for leading the development of information security architecture and ensuring technology initiatives are implemented within the framework to make our clients cloud environments more secure in order to protect information, information systems, and networks from threats.

The primary area of focus of this role is in developing Cloud risk management strategies and multi-year implementation and remediation programs based on business priorities and risks to address Cyber Security, Cyber Defense and Business needs of the Banking Customer.


• Working with business and technical team members to assist with requirement definitions, solution design and technical architecture and delivery
• Work closely with stakeholders to identify and mitigate risks, perform security reviews, design top tier security practices, and deliver strategic, innovative cloud based security offerings
• Assessment of security architecture, analysis of issues and development of recommendations for their resolution
• Define information security strategies, including guiding principles and future state vision, ensuring that the strategic objectives are aligned with business goals
• Assisting clients with transitions to the Cloud from existing on premise environments and with greenfield Cloud projects
• Leading the Cloud Security Infrastructure Design and Architecture

Eligibility and Skills:

· B.Tech/B.E. Any Specialization with Information Security Certifications like CISSP, CCSK, CCSP, AWSCSA, are preferred
· 7-10 years of experience working in Information Security with hands on experience in Securing Cloud Computing environments like IAAS, SAAS and PAAS in a in a large environment.
· Deep Understanding of Banking Security and compliance and good knowledge of frameworks like PCI DSS, NIST, ISO 27001 etc.
· Creating and maintaining security policies and procedures, managing the protection of information systems and assets
· Demonstrated working knowledge of major cloud platforms; AWS, Azure, SalesForce, ServiceNow, etc.
Expert knowledge of operating system, application, network, and database security architectures.
· Understanding of API security - specifically on common controls for API security (SSO, OAuth, Threat Protection).
· Security elements of API gateway integrations of API - WAF, Websockets
· Familiarity of Identify and Access Management - AWS IAM integrations
· Must have experience with AWS Security: Shared Security Model, Cloud Security Architecture, IAM policies/roles, WAF, OWASP Web/API vulnerabilities and compensating controls (CSP, CSRF, XSS, SQLI) etc.
· Experience with information security governance in a large sized Bank
· Engineering cloud security guard rails in AWS, Azure and other major cloud providers.
· Experience with Cloud WAF - Akamai Kona, AWS WAF, Arbor, Prolexic, or similar tools, Cloud SIEM – Cloudtrail, Cloudwatch, and other packaged SIEMs such as IBM Qradar, LogRythm, Splunk, ELK, ArcSight, AlienVault, Key Management - Privileged account management solutions in the cloud for key management, service account and secrets management, rotation and event response, including tools such as Secret Server (Thycotic), Vault (HashiCorp), Cloud KMS, or similar tool set.
· Experience in a development and operations role, implementing security through code development and infrastructure code reviews, establishing security ecosystems utilizing APIs and event driven security response.
· Cloud access security broker (CASB) or similar experience securing SaaS offerings such as O365, GoogleApps, and other cloud vendors.

Viewed: 359 times
« Go back to category
Is this job ad fake? Report it!   
Recommend to a friend