Story Behind the Need:
• Business group: Cryptography – HM’s team is a product group within Cloud and Applications Security – in security vertical in the Bank
• Project: CAP Program – Cloud Acceleration Program – Working on designing a secure environment, on Network security for cloud as one of the crucial security domains and forms a fundamental building block in the entire cloud architecture and will also be required for PCI compliance.
Candidate Value Proposition:
• The successful candidate will have the opportunity to lead one of the major cloud transformations in the industry, high visibility program.
Typical Day in Role:
• Support and define secure network strategies and architecture for GCP workloads – GCE and GCVE, developing associated standards and meeting compliance requirements like PCI.
• Collaborate with cloud infrastructure, DevOps and development teams to integrate security during the design and development phases
• Implement security controls and best practices for GCP and Azure cloud services
• Provide mentorship and training to other team members on cloud security principles
Candidate Requirements/Must Have Skills:
• 10+ years’ experience in IT Security
• 4+ years’ GCP experience (services and products) – with demonstrated experience in GCP Network Security OR Data Security (for the 2 different roles, please specify which they have/are strongest in)
• 4+ years’ experience in security controls architecting and solutioning
• 4+ years’ experience with documenting design architecture and security requirements
Nice-To-Have Skills:
• Experience with deployment and managing IaaS, PaaS & SaaS solutions
• GCVE experience
• 4+ years’ experience in the financial industry
• Knowledge of /exposure to infrastructure as code (IaC)
• Knowledge of /exposure to CI/CD tools like Jenkins, Azure DevOps, GitLab CI/CD, CircleCI, BitBucket/GitHub, Jfrog Artifactory, Ansible, Confluence, Jira, Bamboo etc.
Soft Skills Required:
• Strong analytical and problem-solving skills, with an ability to think strategically and tactically about complex cloud security issues.
• Communication: excellent written and verbal communication and interpersonal skills
• Fast learner with strong analytical skills and improvement mindset
• Must be able to operate independently within tight time frames
• High energy, demonstrated ability to work under pressure, deals well with ambiguities and uncertainties, and drives results.
Education:
• Security certifications nice to have: CISSP (1st preference), Google Professional Cloud Security Engineer (2nd preference), CCSP, CCSK
Best VS. Average Candidate:
• Best is someone who can visualize architecture of the cloud in either PPT or on Visio.
Candidate Review & Selection
• In person interviews – on Tuesdays and Thursdays (HM can accommodate as needed but please note these days)
• 1 round – 1 hour – with HM – technical interview with scenario-based questions, if in person will be solutioning live on paper/whiteboard
Job Details
12546
Contract
6 months
Scarborough
#J-18808-Ljbffr