Role responsibilities:
Run initial assessments for clients to identify early indicators of risk by requesting and gathering preliminary documentation.
Experience in performing Due Diligence to review key control gap assessments/analysis prior to purchase of a new company to help mitigate identified risks and determine how much effort is required to treat the risk post acquisitions.
Review existing business and product processes to define remediation strategies. and timelines to support alignment and optimisation of the new business security posture.
Hands-on experience in Cloud (AWS/GCP/Microsoft Azure)
Experience in security field specially around information security consultancy or security assessments.
Enterprise Architecture Practice - Continuous Improvement and Continuous Delivery (CI/CD)
Enterprise Architecture Practice (EAP) and Tooling
Privileged Access Management (PAM)
Password Management Software (PMS)
Immutable Backups IMB
Must be process driven with a strong eye for detail and analysis skills.
Proficiency and prior work experience in multiple cybersecurity technical domains (i.e. Network Security, Endpoint Security, Cloud Security, Security Architecture, Software Security, IAM, Encryption, etc.)
Experience with all verticals of Enterprise Security processes and tools.
Experience with enterprise/product architecture design and Threat Modelling tools.
Experience with system development lifecycle including relationship with technology deployment.
Design and implement secure cloud architectures for Cloud that comply with the specific security and compliance needs of our clients.
Collaborate with product teams to integrate cloud security considerations into product development life cycles, ensuring that security is not an afterthought but a foundational component.
Ability to collaborate at all levels, finding workable solutions to risks and issues. Developing a Security Architecture that enables the organisation to explore and implement security solutions and capabilities that are clearly aligned with business, technology, and threat drivers.
Advanced degree or certifications (eg, CISSP, CISM, AZ500, GCP Certified) preferred.