• Location: Charlotte, North Carolina
  • Date Posted: 19th Mar, 2021
  • Reference: 3/3/21N

Our client is a technology and management consulting firm that develops tailored cloud solutions for complex enterprises. They are looking for an experienced Cloud Security Architect with extensive Azure knowledge to join their team of expert technical and management consultants.


Key Job Responsibilities:



  • Cloud Infra security and Compliance assessments


    • AWS, GCP, Azure


  • Cloud Security Program consulting-help customers;

  • Security Architecture reviews for Cloud-based applications, covering:


    • Infrastructure Security


      • CIS Benchmarks, etc.


    • Data Protection


      • encrypt data at rest using Cloud Service Provider provided keys vs using customer managed key

      • encrypt data in transit using the latest TLS


    • Key Management


      • What secrets are used in the app; how are they handled?


    • Web Application Security


      • OWASP top 10 is key


    • Cyber Security: Attack Scenarios/kill chain, threat actors and controls

    • Secure SDLC Methodologies

    • Threat Modelling


      • STRIDE, PASTA, KillChain


    • Vulnerability Assessments


      • AlertLogic, Nessus, Qualys, etc.



  • Implementing security controls in the cloud, including;


    • Security Groups, NACLs

    • IAM Policies

    • Web App Firewalls

    • Logging and Monitoring, etc.


  • Working in a DevSecOps program, including;


    • Adding security controls to the CICD pipelines

    • Providing security guidance to the Pipeline DevOps team

    • Compliance automation

    • Assist the team with mapping compliance checks, writing compliance rules, and enhancing base compliance rules (as an example, adding content on top of CIS Benchmarks)



Requirements:



  • Experience working in Information Security space.

  • Proven experience in design, implementation and operation of large-scale security architecture solutions in a large and complex multi-supplier / multi-platform environment.

  • Proven understanding of operational integration of security functions

  • Strong experience with security technologies, including Firewalls, DLP, web filtering, NAC, IDS/ IPS, SSO, IAM, Certificate Management, SIEM, Endpoint Protection, Anti-malware, vulnerability management.

  • Security Domain Coverage Required

  • Cloud/SaaS Security experience

  • Infrastructure Security experience

  • Key Management experience

  • Web Application Security experience

  • Cyber Security: Attack Scenarios/kill chain, threat actors and controls

  • Secure SDLC Methodologies

  • Threat Modelling experience

  • Vulnerability Assessments experience

  • Information Security Governance experience

  • Proven ability in security process and organizational design

  • Well-rounded background in host, network, database, and application security.

  • Experience implementing security controls in a self-service environment.


Ready to apply?


Send your resume to n.hunter@nigelfrank.com to discuss further.

Similar Jobs

Azure Data Architect - $160, 000 - Charlotte, NC
Charlotte, North Carolina

(Remote) Azure Security Architect
Charlotte, North Carolina

(Remote) Azure Systems Engineer
Charlotte, North Carolina