Cloud Security Policy Consultant

DAY TO DAY

Works closely with other members of the security program to identify, manage, and mitigate security risks. The engineer is part of a broader team of security engineers reporting to the Sr. Director, Cloud Security who are responsible for developing, deploying, and integrating technical controls and tools to meet specific security requirements, as well as defining processes and standards to ensure that security configurations and tools are maintained. This is a project focused resource within the organization and will focus on designing and implementing both technologies and governance processes focused on our cloud platforms.

Define and mature cloud-focused security policies and controls (governance, processes, frameworks)
Identify, Implement, and Operationalize security technologies and processes to improve visibility and reduce risk

Leverage data analytics to influence our cloud security posture

Partner with other technical leaders throughout the organization to refine and mature Allys security posture for cloud-based technologies and platforms, as well as identifying and maturing our application security capabilities

Consult with project teams to ensure that platform architecture has proper security controls in place (focused on Cloud Providers / SaaS engagements)
Engage as needed in other Cloud Security efforts where skills may overlap: Cloud Platform Security and
DevSecOps / Pipeline Security

We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to Human Resources Request Form. The EEOC "Know Your Rights" Poster is available here.

To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .

MUST HAVE
Demonstrated technical expertise in two or more technology areas (compute, storage, network, data, etc)

Experience/knowledge of automation, Infrastructure as Code and DevOps + CI/CD tools and processes

Strong background in information security practices, controls, and governance (CISSP preferred)

4+ years of experience as a technical resource within an IT organization (enterprise / matrixed organization preferred)

2+ years of experience with cloud platforms (operational experience preferred for AWS, Azure, GCP, etc)

Strong soft skills: builds partnerships, translates complexities into simple terms, ability to maintain focus on objectives

Highly proficient in drafting technical documents: process/procedures, standards/policies, architectures, etc)

PLUSSES
Certifications such as CISSP, CCSP, CCSK, SSCP, CSSLP preferred
Highly proficient in drafting technical documents: process/procedures, standards/policies, architectures, etc
Experience with automation, Infrastructure as Code and DevOps + CI/CD tools and processes

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.