Job Title: Cloud Security Architect Lead
Job Purpose
Design secure and reliable cloud solutions to protect the organization's digital assets from internal and external cyber threats. This position involves developing and implementing a comprehensive cloud security strategy, conducting thorough analyses of current infrastructure and applications, and collaborating with stakeholders to align cloud security architecture with business goals. The role also includes creating and maintaining robust cloud security architecture, performing regular security assessments, ensuring compliance with industry standards, and managing risks associated with cloud-based projects.
Key Activities, Responsibility & Accountability
Cloud Strategy and Planning
Responsibilities and Accountabilities:
• Develop and implement the organization's cloud security strategy.
• Conduct comprehensive analysis of current infrastructure and applications to determine optimal cloud security solutions.
• Collaborate with stakeholders to align cloud security architecture with business goals.
Design and Develop Cloud Security Architecture
Responsibilities and Accountabilities:
• Create and maintain a comprehensive cloud security architecture that ensures the security of cloud-based systems.
• Identify the specific security needs of your organization, including compliance requirements, data sensitivity, and business objectives.
• Develop and validate security controls to protect cloud infrastructure and applications.
• Review Solution designs for cloud-based projects and ensure those align with information security and compliance requirements
• Provide security recommendations for new cloud projects.
• Maintain and update the cloud security decision tool to ensure easy decision making for cloud projects.
Responsibilities & Accountabilities (contd.)
Security Assessments and Compliance
Responsibilities and Accountabilities:
• Perform regular security assessments to ensure security of the cloud platforms.
• Perform scheduled security assessment for cloud-based solutions.
• Support Audit teams during cloud audits.
• Perform continuous evaluation and ensure compliance with security standards.
• Ensure compliance with industry security standards and regulations.
Incident Response
Responsibilities and Accountabilities:
• Work with incident response team to support investigation of cloud related incident.
Risk Management
Responsibilities and Accountabilities:
• Conduct risk assessments and develop mitigation strategies.
• Review risk raised for cloud related projects and perform risk evaluation.
• Update the risk tracker and maintain the same.
• Track risks from risk tracker on regular basis.
• Evaluate third-party vendor security posture and ensure that their practices comply with company standards and regulatory requirements.
• Lead efforts to manage security risks in the supply chain.
Reporting & Documentation
Responsibilities and Accountabilities:
• Prepare detailed reports on risk assessments, security audits, and compliance activities.
• Track and report on the departmental KPI on periodic basis.
• Create and maintain security baselines for Cloud technologies.
• Establish clear cloud security decision matrix that governs access control, data protection, incident response, and compliance.
• Adopt industry standards and frameworks such as NIST, ISO/IEC 27001, and the Cloud Security Alliance (CSA) guidelines.
• Provide training and guidance on cloud security best practices for team members.
• Maintain up-to-date knowledge of cloud security trends, threats, and countermeasures.
• Stay up to date on the latest security threats, tools, and trends.
• Mentor junior resources on cloud related projects.
• Communicate findings and recommendations to both technical and non-technical stakeholders at various levels of the organization.
Health and Safety, Security, and Business Continuity
Responsibilities and Accountabilities:
• All individuals take personal responsibility for safety; follow company HSE policies, procedures and instructions; avoid complacency and continuously challenge existing conditions and activities in order to identify discrepancies that might result in error or in appropriate action; report any situation that could present a hazard; not intentionally or recklessly interfere with or misuse anything provided at the workplace in the interest of health, safety, welfare or protection or management of the environment.
• Follow all relevant Security policies, processes, procedures, and instructions to ensure security compliance in all aspects of work, by applying them on self, others, and corporate assets.
• Follow all relevant Business Continuity and Resilience requirements for compliance with, and adherence to, policies, procedures and instructions related to the effective planning for, and response to, incidents and/or business disruptions to continue critical business processes and activities with minimal adverse impact.
Professional Certifications
CISSP, SC-100, CEH, AWS Certified, Multiple Azure Certifications, TOGAG/ COBIT certified
Qualifications
Bachelor’s degree in Computer Science, Information Technology, Cyber Security, or relevant field.
Pref -
Experience
Bachelor’s Degree with 7 years’ experience, Diploma, Military or Police Academy graduate with 10 years’ experience, or High School with
• 12 years’ experience.