Job Summary:

• Own and maintain public cloud infrastructure and SaaS-based tooling.
• Regularly auditing public cloud infrastructure, identifying findings, and tracking efforts to remediation.
• Partnering with key business functions to determine business requirements and inform Security and Compliance needs.
• Responsible for the building, improvement efforts, and maintenance of security tooling and platforms.
• Engaging in the selection, development, customization, and deployment of critical applications, including CRM, HRIS, Finance/Accounting, Collaboration, Productivity Management, etc.
• Working closely with the Cloud Security Manager and other team leadership members to deliver on requirements and report on progress.
• Contributing to the development of best practices within the Security team including IAM policies, networking policies, auditing and logging standards.
• Continually improving and optimizing operational efficiency through process improvement and automation.
• Investigate, design, implement and maintain security systems/tools to audit and monitor the environment using cloud-native solutions.
• Assist with and own remediation of escalated security events and incidents.
• Build threat models and conduct risk assessments for new features and services.
• Lead Cyber Security Reviews and ensure compliance with the privacy office recommendations.
• Design and implementation of Security and Compliance Policies and Standards, Disaster Recovery Plans, Data and Information Backup and Recovery Guidelines.

Skills on Resume: 

• Cloud Management (Hard Skills)
• Security Auditing (Hard Skills)
• Requirement Analysis (Hard Skills)
• Tooling Development (Hard Skills)
• Application Deployment (Hard Skills)
• Team Collaboration (Soft Skills)
• Best Practices (Hard Skills)
• Process Improvement (Hard Skills)

Job Summary:

• Drive design and implementation of security best practices across the cloud infrastructure
• Proactively monitor and mitigate any security vulnerabilities that affect the cloud infrastructure
• Active participation in industry-standard security compliance certifications for the products and infrastructure
• Embrace and encourage DevSecOps culture within Cradlepoint
• Continuously strive to improve programmability and automation of the cloud infrastructure
• Work closely with Enterprise IT and Cloud Services teams on securing Wex's infrastructure and applications in a hybrid cloud environment.
• Engineer, implement, and monitor security measures to protect the enterprise’s cloud environment and resources.
• Configure and troubleshoot security infrastructure platforms and services.
• Regularly review configurations and develop improvement plans for cloud security platforms and services
• Develop technical solutions and new security tools to help mitigate security findings
• Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement
• Keep management informed with precise, accurate information about security posture and events – no surprises.
• Produce and or help design documentation to help formalize the security
• Create, document and maintain formal processes to meet certification requirements

Skills on Resume:

• Security Best Practices (Hard Skills)
• Communication (Soft Skills)
• Compliance Participation (Hard Skills)
• DevSecOps Advocacy (Soft Skills)
• Infrastructure Automation (Hard Skills)
• Security Engineering (Hard Skills)
• Configuration Troubleshooting (Hard Skills)
• Collaboration (Soft Skills)

Job Summary:

• Provide day-to-day and project-related security support for system maintenance and integration of security technology infrastructure and processes in the cloud.
• Deploy security controls as code in support of projects and day to day operations.
• Monitor internal control systems to ensure that appropriate information access levels and security clearances are maintained.
• Interface with peers, other IT teams, leadership, and end users to develop innovative solutions to complex problems and improve controls to mature the security organization.
• Design, implement, and update technical control requirement models and methodologies to support security policy and standards.
• Perform security gap analysis, provide recommendations to resolve gaps and guide the development of business cases to identify and evaluate new products.
• Optimize current product implementations and support and develop roadmaps for current and future platforms.
• Contribute to complex system analysis to improve internal team processes and procedures to mature the security organization.
• Develop, implement, and support standard operating procedures and customer service guidelines relating to security domains.
• Implementing, migrating, or upgrading security systems
• Supporting technical presales process, e.g., implementation of the Proof of Concept environment
• Writing project documentation
• Consultations on technological solutions that cover the technical needs of customers

Skills on Resume: 

• Security Support (Hard Skills)
• Security Controls Deployment (Hard Skills)
• Access Monitoring (Hard Skills)
• Problem-Solving (Soft Skills)
• Control Design (Hard Skills)
• Gap Analysis (Hard Skills)
• Product Optimization (Hard Skills)
• System Analysis (Hard Skills)

Job Summary:

• Providing leadership updates related to the threat landscape, progress with maturing program and strategic needs for a path forward
• Work with peers across the department and company to understand the technology and other data sources that play a role in the maturing process and capability
• Working with GSK M&A teams to help build an onboarding program for technology stacks, minimizing timeline to increasing security access and overall strength of security posture with new acquisitions
• Work to build corporate communications plans related to the program
• Support the cloud security program around infrastructure security areas, such as on-prem, public hybrid and multi-cloud, SaaS, etc. including cyber security areas such as network security, including OT security, endpoint security, host, mobile, container, ensuring a robust ecosystem that supports visibility for security visibility and incident response.
• Act as an interface with technical experts in the Platforms for Consumer technology teams as they build out internal & external capabilities on behalf of GSK and the customers.
• Responsibility for designing, implementing, operating and further developing cloud security solutions
• Managing the external partners (manufacturers and service providers)
• Providing consultation to and supporting agile project teams in the context of cloud initiatives
• Closely cooperating with the international business departments and national IT departments
• Perform operational tasks such as application updates, internal tools updates, server patching, and application migrations.
• Be customer-focused, work independently, with a sense of initiative and a hands-on approach

Skills on Resume: 

• Leadership Updates (Soft Skills)
• Collaboration (Soft Skills)
• Onboarding Program Development (Hard Skills)
• Corporate Communications (Soft Skills)
• Cloud Security Support (Hard Skills)
• Technical Interface (Soft Skills)
• Cloud Security Solutions (Hard Skills)
• External Partner Management (Soft Skills)

Job Summary:

• Provide security guidance to Engineering and Product teams on overall cloud architecture security.
• Build Threat Models, conduct Risk Assessments, and provide security requirements for new features or services.
• Provide guidance on effective security controls for cloud applications and data products.
• Assist in building and rolling out processes for secure code development and deployment involving cutting-edge technology.
• Work closely with the product development engineers to perform security design and code review by suggesting flow improvements, and anti-tamper protection for security modules, and help with the integration of vulnerability assessment tools.
• Provide subject matter expertise on Encryption, Security Controls, and Secure Design and programming practices across the R&D and IT organization.
• Contribute to Security Policy, Standards, and Guidelines related to Information Security.
• Contribute to cybersecurity deliverables for regulatory submissions.
• Implement Secure Software Development Lifecycle practices through security tools and automation.
• Train and mentor Security Champions throughout the development process and build a security-by-design ecosystem within the development life cycle.
• Share thought leadership in the cloud and application security space.

Skills on Resume: 

• Security Guidance (Hard Skills)
• Threat Modeling (Hard Skills)
• Risk Assessment (Hard Skills)
• Security Controls (Hard Skills)
• Secure Development Processes (Hard Skills)
• Code Review (Hard Skills)
• Encryption Expertise (Hard Skills)
• Policy Contribution (Hard Skills)

Job Summary:

• Conducting security architecture reviews of the application stack, including applications built on cloud and emerging technologies
• Performing security/penetration testing on new applications, products, and features before they are released
• Reviewing source code for potential security issues
• Designing and automating security test cases to check for vulnerabilities or broken/missing security controls
• Providing specific risk assessment and remediation guidelines for developers and business owners
• Triaging and reviewing findings from security tools, including static and dynamic scanners
• Researching the latest security standards, trends, threats and vulnerabilities, and technology frameworks
• Documenting and disseminating security guidelines for common security issues, remediation guidance, and security baselines
• Working with developers to provide security guidance and mentor them on secure development practices
• Developing tools and exploits to support security testing
• Writing automation to streamline common tasks, tests, workflows, etc.

Skills on Resume: 

• Security Architecture Review (Hard Skills)
• Penetration Testing (Hard Skills)
• Source Code Review (Hard Skills)
• Security Test Automation (Hard Skills)
• Risk Assessment (Hard Skills)
• Tool Findings Triage (Hard Skills)
• Security Research (Hard Skills)
• Security Documentation (Hard Skills)

Job Summary:

• Work with UKI solutions teams to provide content to drive deals that relate to cloud security transformation in multiple domains from the Design, Build and Operate phases
• Provide demonstration of IBM credentials in Cloud Security Strategy, Risk, and Compliance as well as a good understanding of multiple domains IAM, Security Operations Consulting, Application and Data Security and Infrastructure Endpoint, leveraging principles of Zero Trust security architectures, and cloud-native & hybrid security solutions
• Drive security transformation offerings and be a focal point in UKI to help understand existing capabilities, offerings, client references and experiences
• Act as a senior thought leader in cloud security transformation internally in IBM and externally in marketing events and industry conferences
• Ability to sell security solutions to the C-suite and the Board and existing relationships/examples of such interaction
• Work closely with the global, regional and local solution design teams in developing client presentations and SOWs.
• Detailed knowledge of architecting and leading delivery of cloud-native delivery methods and blueprints, security and deployment models for IaaS, PaaS, CaaS and SaaS across one or more hyper-scaler
• Delivery should center around adopting an agile approach, leveraging automation across application and infrastructure security via a DevSecOps-driven approach
• Working with global and local teams, help organize project approaches and teams for client delivery
• Participate in project delivery, to varying degrees depending on project complexity and geographical needs
• Help resolve program issues as they arise with senior leadership

Skills on Resume:

• Content Creation (Soft Skills)
• Cloud Security Strategy (Hard Skills)
• Risk and Compliance (Hard Skills)
• IAM and Security Operations (Hard Skills)
• Security Transformation (Hard Skills)
• Thought Leadership (Soft Skills)
• C-suite Selling (Soft Skills)
• Solution Design (Hard Skills)

Job Summary:

• Establish strong client relationships in key accounts to help progress the Security Services portfolio.
• Provide UKI practice leadership by facilitating a community of like-minded practitioners to share and exchange ideas for practice growth and improvement
• Contribute content and advice to the offering development process
• Help shape the emerging model of the CloudSec practice
• Help establish capability and skills models for the core domain, mentor team
• Become a role model for UKI, European and global practitioners in the core domain
• Work with engineering teams to adopt the Cisco Secure Development Cycle (CSDL).
• Work with leaders in different roles, executives, Product Marketing leads, technical leaders, and program managers as well as the development and test communities 
• Automate Alissa cloud deployments in the CI/CD pipelines
• Update/maintain CI/CD pipelines and support other teams
• Design cloud architecture for new products and update existing architectures to improve availability, performance, security
• Partner with engineering teams to identify a product's attack surface and co-design ways to mitigate security weaknesses and secure features
• Connect teams to resources that help achieve security outcomes.

Skills on Resume:

• Client Relationship Management (Soft Skills)
• Practice Leadership (Soft Skills)
• Offering Development (Hard Skills)
• Model Shaping (Hard Skills)
• Capability Development (Soft Skills)
• Mentorship (Soft Skills)
• Secure Development (Hard Skills)
• CI/CD Automation (Hard Skills)

Job Summary:

• Supports the security management of security systems in design, security risk assessment, setup and operations.
• Advises and reviews security requirements to ensure necessary security measures and standards are incorporated into security systems as well as subsequent operations.
• Assesses gaps identified in security measures, SDLC, as well as tests, audits and reviews conducted, and propose measures to address them.
• Performs analysis and trending of security data from various security devices/systems, proposes and supports detection and alerting rules and procedures.
• Supports security operations management in change management reviews and access rights reviews.
• Responds to user incident reports and evaluate the type and severity of security events.
• Executes initial triage of incidents to rule out false positives and documents incidents and develops reports.
• Identifies recurring security issues and risks and develops mitigation plans and recommends process improvements.
• Interprets and applies security policies and procedures.
• Be diligent and take an analytical approach to perform analysis, and threat detection, and propose necessary security measures.
• skilled in synthesizing trends and insights, and is confident in putting forth creative mitigation plans and solutions to security incidents.
• Provide, advise and review security requirements, measures and standards required for systems acquisition, design, changes and upgrades, development, implementation as well as operations.
• Review security tests, audits and reviews conducted, to assess gaps identified and measures proposed to address the gaps and propose countermeasures
• Oversee the implementation of such measures.

Skills on Resume:

• Security Management (Hard Skills)
• Risk Assessment (Hard Skills)
• Security Requirements (Hard Skills)
• Gap Analysis (Hard Skills)
• Security Data Analysis (Hard Skills)
• Incident Response (Hard Skills)
• Threat Detection (Hard Skills)
• Policy Interpretation (Hard Skills)

Job Summary:

• Set up and manage security systems such as firewalls, IPS, network ATP, VPN, WAF, end-point protection, certificate management system, log management system, database access monitoring, vulnerability and compliance scanners.
• Perform audits, reviews, security control assessments, and tests of security operations based on established schedules.
• Perform analysis and trending of security data from various security systems.
• Analyse security event data to identify suspicious and malicious activities.
• Follow-up to investigate activities and provide inputs to improve security monitoring rules and alerts.
• Document processes related to security monitoring.
• Track alerts on cyber security threats and work with necessary parties to perform required mitigations as well as provide regular reporting.
• Participate in change advisory boards for security-related changes, including reviewing ongoing requests for security configuration changes.
• Organise accounts and access rights review exercises, reporting, as well as follow-up actions.
• Implement security protocols and create emergency response procedures.
• Schedule security checks in accordance with reporting schedules.
• Prepare periodic status reports for presentation to management.
• Review or prepare SOPs to support security operations management.
• Perform ongoing risk assessments of security gaps that surfaced in IT projects/systems.

Skills on Resume:

• Security System Management (Hard Skills)
• Security Audits (Hard Skills)
• Data Analysis (Hard Skills)
• Event Analysis (Hard Skills)
• Investigation (Hard Skills)
• Process Documentation (Hard Skills)
• Threat Mitigation (Hard Skills)
• Access Review (Hard Skills)

Job Summary:

• Fully understand the cloud architecture across multiple cloud providers
• Fully understand the application architecture across these platforms
• Using the CSA and other secure cloud architecture frameworks, review and identify gaps and control improvements
• Run and manage cloud assessment and compliance tools
• Recommend tangible improvements and priorities based on risks
• Creating or improving and implementing a formal Threat Risk Modeling program as an integral part of the SDLC.
• Perform threat risk modeling to help identify areas of potential threats
• Work with DevOps and Developers to improve the security culture and areas needing improvement
• Document findings on both a technical and management level to present findings to different parties
• Manage findings and actions by creating tickets and fully managing them
• Participate in larger security team and enhance development lifecycle
• Proactively identify gaps in current security posture and develop solutions.
• Analyze, document and present solutions meeting needs
• Help investigate and respond to security incidents

Skills on Resume:

• Cloud Architecture (Hard Skills)
• Application Architecture (Hard Skills)
• Control Improvement (Hard Skills)
• Compliance Tools (Hard Skills)
• Risk Recommendations (Hard Skills)
• Threat Risk Modeling (Hard Skills)
• DevOps Collaboration (Soft Skills)
• Incident Response (Hard Skills)

Job Summary:

• Assess business unit environments vis-a-vis their unique cloud requirements
• Contribute to high-level conversations regarding future investment decisions and capabilities.
• Define cloud security architecture standards and guidelines to be implemented
• Recommend security tools and prescribe implementation strategies and configuration guidelines
• Lead selected cloud security efforts installing tools, configuring cloud environments and setting standards and guidelines
• Perform pre/post-implementation security reviews on cloud deployments
• Implement a risk-based approach to the process of defining and implementing changes to security frameworks, processes, models, and architecture.
• Implement and maintain security architecture strategy, principles, models, standards, guidelines, and configuration
• Provide monitoring points to help improve CSOC operations and logging/alerting
• Manage cloud-based security and compliance tools
• Create management-friendly reporting from tools
• Promote standards-based change and problem management
• Collaborate with internal and external parties to get and share information to improve processes and security posture
• Communicate to security team leadership

Skills on Resume:

• Cloud Assessment (Hard Skills)
• Investment Decision Support (Soft Skills)
• Security Architecture Standards (Hard Skills)
• Security Tool Recommendations (Hard Skills)
• Cloud Security Implementation (Hard Skills)
• Security Reviews (Hard Skills)
• Risk-based Approach (Hard Skills)
• Monitoring and Logging (Hard Skills)

Job Summary:

• Drive design and implementation of security best practices across the cloud infrastructure
• Proactively monitor and mitigate any security vulnerabilities that affect the cloud infrastructure
• Active participation in industry-standard security compliance certifications for the products and infrastructure
• Embrace and encourage DevSecOps culture within Cradlepoint
• Continuously strive to improve programmability and automation of the cloud infrastructure
• Work closely with Enterprise IT and Cloud Services teams on securing Wex's infrastructure and applications in a hybrid cloud environment.
• Engineer, implement, and monitor security measures to protect the enterprise’s cloud environment and resources.
• Configure and troubleshoot security infrastructure platforms and services.
• Regularly review configurations and develop improvement plans for cloud security platforms and services
• Develop technical solutions and new security tools to help mitigate security findings
• Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement
• Keep management informed with precise, accurate information about security posture and events
• Produce and or help design documentation to help formalize the security
• Create, document and maintain formal processes to meet certification requirements

Skills on Resume:

• Security Best Practices (Hard Skills)
• Communication (Soft Skills)
• Compliance Participation (Hard Skills)
• DevSecOps Advocacy (Soft Skills)
• Infrastructure Automation (Hard Skills)
• Security Engineering (Hard Skills)
• Configuration Troubleshooting (Hard Skills)
• Collaboration (Soft Skills)