GRC Cloud Lead
Posted on Nov 6, 2019 by Request Technology
A prestigious company is on the search for a GRC Cloud Lead. This role is based around AWS cloud security controls, governance and compliance. This person needs to be have a strong understanding of cloud security governance and have experience establishing cloud security governance across the organization. They will be working on the evaluation, recommendations, and implementations of cloud security controls in an automated continuous integration/deployment environment.
- Work closely with Application Development, Cloud, Governance, and Compliance teams to help formulate and implement a strategy for cloud based security that is tailored to the specific risks facing the organization, including threat modelling and applications security advisement services.
- Develop and maintain a balanced cloud security governance framework based on industry standards.
- Ensure compliance with society, regulatory, and industry standards for cloud based security.
- Continuously evaluate the organization's existing cloud security practices, define and measure security-related activities, and demonstrating improvements to the cloud programs within the organization.
- Evaluate business strategies, requirements, and user needs, existing usage cloud platforms, technical capabilities, and overall cloud application maturity, and provides strategic guidance and best-practices based recommendations for implementing governance boards and proven best practices for cloud based application/platform development, deployment, and support.
- Support lead security consultants in promoting and consulting on the positions that help strengthen and secure the organization by either following standards or helping direct others on technology positions.
- Help facilitate review of changes in company processes, standards and technology to ensure the effectiveness of security controls to meet compliance requirements.
- Help consult with stakeholders on requirements for new and existing business/technology solutions to assure compliance to compliance frameworks and internal standards and governing policies and procedures.
- 5+ years' experience in secure application/platform development and security
- 3+ years' project management, consulting, and/or application security analyst experience
- Relevant postsecondary education and/or industry standard certifications preferred (ie, CompTIA, ISACA, ISC2, SANS Institute/GIAC, EMC, Amazon, VMware), AWS Certified Solutions Architect, CompTIA Cloud+ Certification, CISSP, Certificate of Cloud Security Knowledge (CCSK)
- Strong understanding of cloud security governance & experience establishing cloud security governance across an organization
- Practical understanding and use of cloud computing and cloud security tools
- Understanding of Agile/XP/Scrum/Kanban, Test Driven Development built on User Stories and Continuous Integration/Testing/Delivery
- Proficient in MS Office Suite (Word, Excel, PowerPoint, OneNote, Project, Access, Visio) and SharePoint