What are the responsibilities and job description for the VP, Cloud Security position at The Custom Group of Companies?
What you will be doing:
SME Consultancy:
- As part of the IT Security team, develop and implement IT Strategy in consultation with the IT teams, ensuring that all initiatives are mirrored in respective strategies including the overall Strategy
- Provide security advice and support for information technology projects as Cloud Security subject matter expert (SME)
- Research new security-related products and services to ensure that the organization is equipped with appropriate industry best-practice tools and solutions
- Subject Matter Expert (SME) for cloud security within the Security Operations Department.
- Experience working with and managing IDPS deployments such as Suricata/Snort including a strong PCAP analysis skillset.
- Implement and optimize detection and response workflows in cloud-native/hybrid environments.
- Monitor, investigate, and triage cloud security alerts from SIEM and cloud native tools.
- Collaborate with cloud operations and infrastructure teams to ensure secure architecture and configuration.
- Create and maintain cloud-focused detection rules and playbooks in collaboration with incident response teams.
- Contribute to investigations and assist in threat hunting within environments.
- Review cloud logs.
- Support compliance efforts through evidence gathering, control validation, and reporting.
- Participate in security reviews for existing integrations and new services etc.
- Investigate and respond to security incidents escalated from the SOC.
- Assist in implementing cloud workflows using AWS Lambda and Step Functions that enable cloud incident response
- Ensure incident response efforts and documentation comply with industry standards and best practices (GDPR, SOC, NIST, ISO, etc.)
- Maintain detailed documentation and reporting for audits and compliance reviews.
- Develop and refine incident response standard operating procedures and playbooks.
- Conduct root cause analysis and post incident reports to identify areas for improvement.
- Recommend and implement process improvements to enhance detection, response and recovery capabilities.
- Operate and maintain controls related to SIEM, DLP, Vulnerability Management, Cyber Threat Intelligence, Endpoint Protection, etc., with an emphasis on cloud deployments and implementations.
- Conduct IT Security risk assessments for all high impact projects, defining security mitigating controls that impact the technology architectures, service providers, and business partners
- Review and update IT Security procedures to reflect best practice and mitigate current and emerging threats
- Assigned ownership of IT Security Monitoring and Response related FRB and Internal Audit finding(s), with effective and timely resolution in coordination with IT Security
- Maintain relationships with third-party IT security vendors and strategic partners
- 'Hands-on' IT Security analysis and engineering experience, including securing systems, networks and infrastructure, and operational support including on-call experience
- Proven experience including combination of intrusion detection, malware analysis, forensics and incident response, particularly in cloud/hybrid environments.
- Extensive knowledge of cloud environments such as AWS & Azure.
- Monitor, tune and develop technical IT Security controls and frameworks to ensure appropriate preparation, monitoring and response to threats.
- Ensure a risk-based approach to IT Security is adopted in every part of the business and solutions
- Work with members of the IT Security team to help design, implement and maintain security
- Prepare for, identify (hunt) and remediate cyber threats
- Operate and maintain IT Security controls related to SIEM, DLP, Vulnerability Management, Cyber Threat Intelligence, Endpoint Protection, etc.
- Deliver IT Security projects from concept, approval, design, and implementation to operation
- Ability to collaborate effectively with others to drive forward key security objectives
- Strong documentation and report writing skills (to both technical and business audiences)
- Excellent time management and organizational skills combined with technical IT Security acumen
- Expert knowledge of Firewalls, TCP/IP, IPS, DLP, proxies, SIEM, & Endpoint Protection software
- Financial and/or Banking industry experience preferred
- Virtualized and Cloud platforms experience such as Amazon Web Services, Microsoft Azure or Office 365
- B.S. in a technology discipline (Computer Science, Computer Engineering, Cybersecurity or equivalent);
- Security certifications such as CISSP, plus at least one GIAC certification (GSEC, GCED, GCIA, GCIH, GREM, GCFR) or equivalent, are preferred
- Cloud certifications such as AWS Solutions Architect, AWS Security Specialty, etc.
- Knowledge of incident handling life cycle based on an established framework: ISO 27035, SANS, NIST SP 800-61, CERT, ENISA
- Experience with security and automation in cloud native environments.