Our client – A large local bank is looking to recruit a Unit Manager – Cloud Cybersecurity Architect (reporting directly to the Head of Cybersecurity Governance) in Abu Dhabi under the Group Risk department.
The candidate will lead a team of multiskilled architects in realizing a long-term, progressive cloud cybersecurity architecture for the Group in partnership with key stakeholders. The role is in the field of cybersecurity with a focus on cloud security management.
Primary job responsibilies include:
Cloud Security Architecture Design:
- Design and implement security architecture for cloud environments spanning different cloud providers, including but not limited to Amazon Web Services (AWS), Azure and Oracle Cloud Infrastructure (OCI) to ensure adequate level of security and compliance with regulatory/industry standards and best practices
Cloud Security Governance:
- Develop Cloud Security strategy, establish and enforce governance frameworks for cloud security within the enterprise architecture to ensure alignment with the Banks policies, laws and regulatory requirements, and industry best practices across cloud platforms such as AWS, Azure, and OCI
- Facilitate risk management, compliance audits and continuous improvement of security postures to ensure ongoing best practice solutions are in place.
Cloud-relevant security policies and standards:
- Develop and enforce security policies, standards, baselines and procedures for cloud environments and cloud services to ensure the Banks standards are up to date with ongoing update and progression within the cybersecurity innovations
Risk Assessment and Management:
- Develop Cloud Risk Assessment methodology, conducting risk assessments and vulnerability analyses in order to identify security risks and select tools, controls and defences that should be implemented to mitigate the same in cloud environments
People Management:
- Manage self and team in line with the bank's people management policies, procedures, processes and practices to ensure adherence and to maximise own and employee contribution to business performance.
Incident Response:
- Develop and implement the incident response strategy for cloud security incidents to ensure timely and effective resolution
Security Monitoring and Reporting:
- Identify and implement security monitoring tools and processes in order to detect and respond to security threats in cloud environments
Skills Required:
- Professional Qualifications: Certifications similar to Certified Cloud Security Professional (CCSP), AWS Certified Security – Specialty, Azure Security Engineer Associate or Certified Information Systems Security Professional (CISSP).
- Security Frameworks and Standards:
- Cloud Security Frameworks and Standards, such as Cloud Security Alliance (CSA), Payment Card Industry Security Standards Council (PCI SSC) Cloud Computing Guidelines, ISO 27017, etc.
- National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF).
- Payment Card Industry Data Security Standard (PCI DSS).
- ISO 27001.
- Zero Trust Concepts.
- Cloud Service Providers (AWS, Azure, OCI, Google Cloud Platform (GCP))
- Security Architecture and Design Threat Modelling.
- Risk Management and Compliance.
- Incident Handling and Response.
- Identity and Access Management (IAM).
- Network Security.
- Knowledge and selection of cloud security tools and controls, including but not limited to enterprise tools that can be extended to the cloud, cloud-native tools and controls, third-party offerings, etc.
- Understanding how to leverage new and emerging tools.
- DevSecOps Practices.