Cloud Security Professional
The company I am representing are seeking an experienced Cloud Cybersecurity Governance, Risk & Compliance professional to join there expanding team. You will be part of the team that oversee the secure development and delivery of cloud-based solutions. This is a key role in ensuring the security of our cloud-hosted products, services, applications and data through policies, controls, assessments, solution reviews and risk management.
As well as technical skills to understand specifics in relation to cloud services and solutions, in particular, AWS and Azure cloud services.
* Define requirements, as well as lead and manage activities for certification attainment and the maintenance once acquired i.e, ISO27001, ISO27017, ISO27018, FedRAMP
* Define requirements, as well as lead and manage activities, for policy, legal, regulatory and scheme compliance
* Definition and management of policies, standards and technical specifications
* Assess the effectiveness of IT Security controls by managing and conducting security reviews of internal and external products and solutions
* Manage and conduct 3rd Party vendor security assessments
* Establish and maintain a Risk Management Framework in order to identify information security risks
* Provide mitigation proposals to engineering, architecture and operational teams to reduce or eliminate risk
* Participate and support internal/external auditors on all audits pertaining to Forcepoint's Cloud offering, and/or plan and execute internal audits where necessary
* Assess compliance levels with internal policy and operating procedures requirements
* Monitor and report on overall progress with the Cloud ISMS
* Provide support to the professional services group and the business proposal group in clarifying compliance with certification requirements in addition to customer-specific requirements
* 5 years' experience in IT security, compliance and risk management, data privacy, or security controls
* 5+ years in an IT security leadership or consultancy role, leading successful security initiatives
* Bachelor's Degree in Computer Science, Information Systems Management, Information Security or other relevant academic qualification
* Strong knowledge of cybersecurity, data privacy, emerging technologies, and related topics
* Strong knowledge of a range of frameworks, regulations and standards i.e. ISO27001, ISO27701, ISO27017, ISO27018, SOC2 Type 2, CSA STAR, GDPR, NIST, FedRamp
* Strong experience developing policies and standards
* Experience with DevSecOps, Continuous Development, Continuous Deployment, Continuous Integration, Cloud Infrastructure and Microservices
* CISSP, CISM, CISA, CRISC, ISO27001 Lead Auditor or equivalent professional certifications
For more info call Peter Raine at Reperio Human Capital 015713966
Reperio Human Capital acts as an Employment Agency and an Employment Business.