Cloud Security Job Description
Cloud security
provides analysis and recommendations for the continuous improvement of cloud network and security (Azure, AWS, GCP, etc.).
Cloud Security Duties & Responsibilities
To write an effective cloud security job description, begin by listing detailed duties, responsibilities and expectations. We have included cloud security job description templates that you can modify and use.
Sample responsibilities for this position include:
Develop approach to conducting Security Assessment & Authorization (SA&A) in the cloud for FedRAMP approved cloud service providers
Provide technical expertise on considerations for moving systems to the cloud, potential security risk, required security controls
Perform security design reviews to assess security implications for the introduction of new or differing technologies within the environment
Work closely with engineering teams, influencing the adoption / adherence of security best practices, the creation / maintenance of security policy, standards and guidelines
Support and consult with OPC partner teams (IT, security operations, corporate governance, product development, ) on deep technical security & risk considerations
Support and consult with OPC partner teams (IT and security operations, corporate governance, product development, ) on deep technical security & risk considerations
Create security automation with AWS using services such as Lambda
Two or more years with AWS/Public Cloud (AWS Certified), seven or more years of software development or infrastructure experience
Six or more years with AWS/Public Cloud (AWS Certified), seven or more years of software development or infrastructure experience
Support and consult with partner teams (security operations and development, compliance and risk, corporate governance, product development, ) on deep technical security and risk considerations
Cloud Security Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Cloud Security
List any licenses or certifications required by the position: CISSP, AWS, GIAC, CISA, CISM, SABSA, TOGAF, OSA, IPS, IDS
Education for Cloud Security
Typically a job would require a certain level of education.
Employers hiring for the cloud security job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Technical, Engineering, Business, Information Technology, Information Security, Education, Information Systems, Design, Technology
Skills for Cloud Security
Desired skills for cloud security include:
Azure
Common and industry standard cloud-native/cloud-friendly authentication mechanisms
AWS
HIPAA
FedRAMP
Security
Encryption
Authentication
Python
Firewalls
Desired experience for cloud security includes:
Evaluates new technologies against established requirements and validate the security of the technology
Identify processes/procedures for how to handle a cloud security event, including forensic isolation and mitigation with Digital Forensics and Incident Response teams
At least 5 years experience in information technology with a minimum 2 years in information security or cloud engineering
Must have experience with virtualization (cloud or non-cloud)
Some experience working with Information Security programs
Knowledge of Cloud infrastructure, security architectures, and standards
Cloud Security Examples
1
Cloud Security Job Description
Job Description Example
Our company is growing rapidly and is hiring for a cloud security. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for cloud security
- Define and build security design patterns for cloud-based security services
- Responsible for the creation of a cloud security framework to articulate the security strategy to various audiences (senior technology management, other architecture disciplines, application and systems development groups)
- Ensure consistency with cloud architecture guiding principles across the AWS, Azure and GCP infrastructures
- Provide expert services and knowledge of FedRAMP ATO processes
- Develop processes for documenting, assessing, and managing security risk in a cloud environment
- Develop policies for using cloud services at the Department, including required security policies and artifacts
- Work as a product owner for security features
- Collaborate with program teams to capture design inputs for product security and privacy
- Design cloud security architectures and strategies
- Two or more years of experience in Security, Compliance and risk management, including privacy, controls
Qualifications for cloud security
- Technical knowledge in routing, firewall policy, Anti-Distributed Denial of Service (Anti-DDoS), Web Application Firewall (WAF), Intrusion Prevention System (IPS), Security Information and Event Management (SIEM), secure credential management, virtualization, service oriented architecture, development practices, operational practices, micro services architecture and database design
- Demonstrated good communication skills and a history of running numerous time sensitive projects involving multiple cross-functional teams and background in large scale security oversight
- Experience in defending attacks utilizing information security technologies, including web application firewalls, anti-DDoS technologies, advanced anti-malware solutions, network forensics
- Understanding of incident response processes and artifact collection for digital forensic investigation purposes
- Understanding of enterprise IT security risk assessments and related frameworks (e.g., SOC2, ISO 270XX, NIST CSF, NIST 800-XX, COBIT, ) and industry best practices
- Demonstrable understanding of network security, operating systems, authentication/authorization/audit systems, and use of cryptography
2
Cloud Security Job Description
Job Description Example
Our company is growing rapidly and is searching for experienced candidates for the position of cloud security. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for cloud security
- Utilize cloud-based API's when appropriate to write network/system level tools for security cloud environments
- Two years in Security, Compliance and risk management, including privacy, controls
- Sixyears of experience in Security, Compliance and risk management, including privacy, controls
- Represents Security Platform in the development and implementation of the overall global enterprise cloud architecture
- Architect security controls based upon CISO office policies and standards
- Assess and understand the current cloud security posture and future architecture, providing recommendations for vulnerability remediation and risk reduction
- Assess and mitigate security risk associated with integrated services provided by public/private/hybrid cloud platforms
- Interface closely with Global technical support, internal engineering, and QA teams for improving the Cloud security aspects of the product
- Collaborate across the engineering and operations organization to advise on secure architecture/design, attack surface area reduction, least privileged design, threat mitigations, and security best practices
- Responsible in defining security controls to protect technological platforms stood up within Thermo Fisher Cloud
Qualifications for cloud security
- Demonstrated deep and broad understanding of security vulnerabilities and attacks (Hardware, Firmware, Network, Software, and People) and ability to apply them or find new ones based on new technology being developed
- Provide expert services and leading practice knowledge of moving systems in the cloud
- Working knowledge of application security, including Web Services and SOA, Agile and DevOps
- Experience within the transformation of traditional data center security measures into industry adopted cloud technologies like Amazon Web Services, Azure
- Demonstrated knowledge of infrastructure security, including windows, Unix/Linux, desktop/laptop, and mobile security, knowledge on cryptography and PKI
- Proven ability to work with compliance frameworks and requirements such as PCI, HIPAA, SOX
3
Cloud Security Job Description
Job Description Example
Our innovative and growing company is looking for a cloud security. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for cloud security
- Collaborate with technologists and architects across the company to make technical security recommendations for cloud native development
- Embed and maintain security policy, best practice and guidelines into cloud specific documentation
- Drive automation and auditing for security controls
- Develop and mentor peers within the security organisation
- Be a thought leader and influencer in the emerging cloud architecture best practices which includes continuous delivery, security, infrastructure as code, automation, immutable infrastructure and service discovery
- Create execution strategies that focus on embedding security controls into existing design and build practices to allow proactive rather than reactive focus
- Manage applicable standards and procedure translating security requirements into easily understandable and achievable goals
- Maintain a deep understanding of core security disciplines, with close attention to developing industry trends
- Work with teams comprised of Software Engineers, UI Design, Network and Infrastructure, Platform and the Product Owners to help lead the creation, validation, and integration of comprehensive security solutions in to their products
- Strengthen the controls around our AWS environments (IAM policies, network ACLs, Cloudtrail logging & monitoring)
Qualifications for cloud security
- Application systems, network architecture, multiple platforms and new technologies from a security perspective to include, but not limited to, Firewalls
- Knowledge of technology methodologies – service oriented architecture (SOA), software & hardware development practices, operational practices, web services design, database design and data management
- Leadership & Soft Skill Qualification
- Have working knowledge of common and industry standard cloud-native/cloud-friendly authentication/authorization mechanisms (OAuth, OpenID, SAML ) and key management solutions (Safenet, Thales etc)
- Prior experience in a technology company working closely with Product and DevOps engineers on security requirements and implementations
- Actively participate in or lead technical exchange meetings and application review boards, documenting action items/results of these events
4
Cloud Security Job Description
Job Description Example
Our growing company is searching for experienced candidates for the position of cloud security. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for cloud security
- Guides internal customers on cloud security practices and help implement security in cloud workloads
- Evaluate new security solutions & managed security services to help secure cloud workloads
- Design and implement AWS/Azure/Cloud based DevSecOps processes and tools
- Collaborate within organization to build secure IaaS, PaaS & SaaS environments for AWS/Azure
- The candidate will need to become proficient with corporate and industry security requirements
- They will work closely and collaborate with the Information Security Officers (ISOs), IT Portfolio and Business units to support their needs
- Additional responsibilities will include interaction with cloud security vendors & products
- Apply deep security-level knowledge of cloud environments
- Identify cross correlation algorithms to be used to identify security risks
- Stay current on cloud security policies, standards, regulations, and best practices
Qualifications for cloud security
- Adeptness with FISMA, FIPS, and NIST information security standards and Cloud Security requirements (FedRAMP, SRG)
- Assist in providing guidance on the population of required security documentation for both internal Sponsor documentation RMF reciprocity documentation
- Provide technical support to existing security applications and utilities to develop improvements in configuration, added capabilities, or evolutionary replacement
- Bachelor’s degree in Computer Science or related Engineering field (or equivalent experience)
- Secure software design
- Risk, vulnerabilities, and threats
5
Cloud Security Job Description
Job Description Example
Our company is growing rapidly and is searching for experienced candidates for the position of cloud security. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for cloud security
- Identify any risks or inadequate security controls in place, make recommendations for improved security controls and industry best practices
- Monitor progress and effectiveness of cloud security controls through continuous reporting and trend evaluation, targeting key areas such as system and application security, vulnerabilty management and incident response performance
- Work with the team in the development and evolution of security roadmaps, embodiment of strategic plans, understanding controls and process gaps, providing architectural vision, and enabling the larger cyber security team
- Assist in the implementation of a formalized information security awareness offerings
- Perform automation of security implementation, monitoring and operations for cloud workloads
- Build security utilities and tools for internal use that enable you and your colleagues to operate at high speed and wide scale
- Provide a detailed understanding of cloud security and cloud infrastructure services
- Possess significant breadth across other disciplines (e.g., enterprise security architecture, compute services, storage, large-scale networking, virtualization, data center, integration architecture (API), orchestration technologies (Openstack/Cisco), systems resiliency, service support, application development lifecycle management (DevOps), and service delivery)
- Be a strong technologist with pragmatic view and creative mind, and a natural collaborator with line of business security architects, engineers, developers, application owners, service providers, and senior management
- Developing capabilities, services, and platforms that are leveraged to reduce the overall risk to cloud and hybrid environments, that meet or exceed security architecture controls framework, and that deliver risk transparency across a dynamic business landscape
Qualifications for cloud security
- Technical experience in security including architecture or security management, User, platform and device authentication, and various levels of access controls and authorization, Enterprise Directories and their integration with other systems in a large, complex environment
- Bachelor’s Degree in Computer Science or related technical discipline, or with equivalent experience
- Working knowledge of industry security frameworks
- Sound programming skills with any Object orient programing language like Java or C++
- Knowledge of containers and microsegmentation services including Docker, Mesosphere, DC/OS, Marathon-LB, Jenkins, Terraform
- Understanding of of industry standards, guidelines and regulatory/ compliance requirements related to information security and cloud computing such as ISO 27001, Cloud Security Alliance (CSA), NIST 800-53, PCI DSS, SOC2