Lead GRC Cloud Consultant
Posted on Oct 23, 2019 by Request Technology - Kyle Honn
Lead GRC Cloud Consultant
- Continuously evaluate the organization's existing cloud security practices, define and measure security-related activities, and demonstrating improvements to the cloud programs within the organization.
- Develop and maintain a balanced cloud security governance framework based on industry standards.
- Ensure compliance with society, regulatory, and industry standards for cloud based security.
- Work with Application Development, Cloud, Governance, and Compliance teams to help formulate and implement a strategy for cloud based security that is tailored to the specific risks facing the organization, including threat modelling and applications security advisement services.
- Support lead security consultants in promoting and consulting on the positions that help strengthen and secure the organization by either following standards or helping direct others on technology positions.
- Evaluate business strategies, requirements, and user needs, existing usage cloud platforms, technical capabilities, and overall cloud application maturity, and provides strategic guidance and best-practices based recommendations for implementing governance boards and proven best practices for cloud based application/platform development, deployment, and support.
- Help facilitate review of changes in company processes, standards and technology to ensure the effectiveness of security controls to meet compliance requirements.
- Help consult with stakeholders on requirements for new and existing business/technology solutions to assure compliance to compliance frameworks and internal standards and governing policies and procedures.
- Bachelor's degree in a technical field or equivalent work experience with 5+ years' in secure application/platform development and security
- 3+ years' project management, consulting, and/or application security analyst experience
- Any relevant industry standard certifications preferred (CompTIA, ISACA, ISC2, SANS Institute/GIAC, EMC, Amazon, VMware), AWS Certified Solutions Architect, CompTIA Cloud+ Certification, CISSP, Certificate of Cloud Security Knowledge (CCSK)
- Strong understanding of cloud security governance & experience establishing cloud security governance across an organization
- Practical understanding and use of cloud computing and cloud security tools
- Strong understanding of IT security best practices by applying depth and breadth of expertise in multiple related disciplines
- Understanding of Agile/XP/Scrum/Kanban, Test Driven Development built on User Stories and Continuous Integration/Testing/Delivery
- Demonstrated success at leading cross-functional projects leveraging SDLC methodology. Basic knowledge of Security Analysis (manual and leveraging automated scanning tools)
- Ability to stay up to date with current cybersecurity threat landscape to account for changing circumstances when evaluating security risks
- Ability to maintain technical proficiency via self or formal training
- Proficient in MS Office Suite (Word, Excel, PowerPoint, OneNote, Project, Access, Visio) and SharePoint
If this is an opportunity that you're interested in please email your resume to: