This job is no longer available. Continue your job search here.
Cloud Security Consultant
Singapore
Job No. r00123042
Full-time
Job Description
The Team
Our cybersecurity team offer services that enable mission resilience by offering deep cyber expertise, advanced analytics, continuous monitoring, and secure cloud services. Working closely with our clients, we design, build and implement information security strategies and solutions that can help enhance business performance.
The Role
Cloud Security Solutioning: devise implementation plans, formulate cloud security architecture designs, and join implementation teams in implementing the solutions devised on one or more cloud service providers (CSPs).
Multi-Cloud Security Implementation: Follow implementation plans and designs to implement various components in the cloud to secure client’s cloud tenants. This includes and not limited to:
Cloud firewalls & network segmentation rules.
Cloud API Gateway Security Policies
Cloud Web Application Firewall
Workload security solutions (VMs, Containers, Functions)
Directory Services Authentication & Authorization, and Key Management
DevSecOps Toolsets
Security Analytics
Third Party Cloud Security Platforms Implementation: get acquainted with leading cloud security platforms and solutions, attend trainings for the same and follow implementation plans and designs. Examples include:
Cloud security posture management
Container security management
Endpoint security management
Third party next-generation firewalls.
DevSecOps Scanners and Testers (SAST, DAST & VA)
Carry out design and implementation assessments and thread modeling when required against established standards and best practices (i.e: STRIDE, PCI DSS, CSA CCM)
Qualifications
The Right Profile
Experience in architecting and developing security solutions on one or more cloud platform (AWS, GCP or Azure) and applying the cloud native security services
Understand identity concepts - SAML, JWT, Oauth etc.
Solid understanding of security concepts and tools - Certificates, DLP, WAF, SIEM, firewalls, DDOS prevention, IDS/IPS, privileged access management, Encryption, SSL, VPN, IPSec, TCP/IP, DNS and web security architecture etc.
Deep understanding of security frameworks and processes - CIS, NIST, PCI/DSS. SOCI/II, etc
Ability to document risks, security controls and evidence to ensure compliance
Good written and oral communication skills with the ability to adapt style and language depending on the audience