Job Description: Cloud Security Consultant (Business Enablement Layer)
Location: Poland
Position Type: Full-time
Overview:
We are seeking a highly skilled Cloud Security Consultant to join our team and strengthen the security framework of our Business Enablement Layer. The ideal candidate will have a strong background in designing and implementing robust security controls across Identity and Access Management (IAM), Cloud Security, Infrastructure Security, and Application Security. This role offers an opportunity to work on cutting-edge technologies and support clients in securing their cloud environments.
Key Responsibilities:
1. Security Design and Implementation:
- Design and implement security controls for cloud environments (AWS, Azure, GCP).
- Develop security architectures that meet regulatory, compliance, and business needs.
- Enhance the security posture of infrastructure, applications, and data.
2. Identity and Access Management (IAM):
- Implement and manage IAM solutions, ensuring least privilege and role-based access control.
- Develop strategies for secure identity federation and single sign-on (SSO) solutions.
3. Cloud Security:
- Define and deploy security configurations for cloud-native services.
- Assess and mitigate risks specific to multi-cloud environments.
- Automate security practices using cloud-native tools and third-party solutions.
4. Infrastructure and Application Security:
- Conduct threat modeling and vulnerability assessments for infrastructure and applications.
- Implement security controls at the development and operational phases (DevSecOps).
- Collaborate with application teams to integrate security into CI/CD pipelines.
5. Governance and Compliance:
- Ensure adherence to industry standards such as ISO 27001, NIST, GDPR, and others.
- Assist in audits, risk assessments, and incident response activities.
- Document policies, procedures, and standards for cloud security.
6. Collaboration and Enablement:
- Work closely with cross-functional teams including DevOps, IT, and business stakeholders.
- Provide guidance on security best practices to enhance the overall security awareness.
- Enable business processes securely by aligning with organizational goals.
Qualifications:
Education:
- Bachelor's or Master’s degree in Computer Science, Cybersecurity, Information Systems, or related field.
Experience:
- 5+ years of hands-on experience in cloud security, IAM, and infrastructure/application security.
- Proven expertise in designing and implementing security controls in multi-cloud environments (AWS, Azure, GCP).
Skills:
- Strong understanding of IAM principles, including privilege management, identity lifecycle, and federation.
- Proficiency in cloud-native security tools (e.g., AWS Security Hub, Azure Defender, Google Cloud Security Command Center).
- Experience with infrastructure-as-code tools such as Terraform, CloudFormation, or Ansible.
- Familiarity with container security and orchestration platforms like Kubernetes and Docker.
- Knowledge of scripting languages (Python, PowerShell, etc.) for automation.
Certifications (Preferred):
- CISSP, CISM, or similar certifications.
- Cloud-specific certifications (e.g., AWS Certified Security – Specialty, Azure Security Engineer, Google Cloud Professional Security Engineer).
Key Competencies:
- Excellent problem-solving and analytical skills.
- Strong communication and stakeholder management abilities.
- A proactive mindset and the ability to work independently in a global, remote setup.