Google Cloud Security Module Lead

Experience: 4 to 6 yrs

Location: BLR

Engineering Graduate - preferably B.E. /B.Tech in IT or Computer Engineering.

The Cloud Security Compliance Analyst is responsible for:

1. Assessing the conformity of the cloud services
2. Ensuring conformity concerning Organisation/customers Enterprise Security Protection Baselines (ESPB) guidelines
3. Defining associated compliance security policies

Job Description:

1. Assess the compliance of the different Cloud Services using Airbus Standards and Public Cloud Security Standards.
2. Define the required security controls to make the usage of the cloud services compliant.
3. Ensure a good quality of the description of the security control taking into account the company context.
4. Evaluate the relevant severity for each security control.
5. Ensure the lifecycle of the defined security controls.
6. Synchronize and work with Cloud Security and Cloud platform stakeholders to ensure the visibility and relevance of the deliveries.
7. Make propositions to improve the compliance assessment process.
8. Contribution to Cloud Platform blueprints by providing services compliant IaC.
9.  
10. Requires knowledge of compliance and a commitment to acting with integrity, and will be part of the Cloud Compliance team (Cloud Security Controls & Procedures),
11. Assess the compliance of the different Cloud Services using Organisation/customers Standards and Public Cloud Security Standards.
12. Define the required security controls to make the usage of the cloud services compliant.
13. Ensure a good quality of the description of the security control, l taking into account the company context.
14. Evaluate the relevant severity for each security control & ensure the lifecycle of the defined security controls.
15. Synchronise and work with Cloud Security and Cloud platform stakeholders to ensure the visibility and relevance of the deliveries.
16. Make propositions to improve the compliance assessment process.
17. Contribution to Cloud Platform blueprints by providing services compliant with IaC.

Skills:

Must Have:

-Strong knowledge of AWS Services and Cloud Security

-Remediation support for Cloud Infra Vulnerabilities

-Remediation support for Security Non-Compliance alerts

-Analysis of false/true positive alerts

-Analysing built-in and customised RQLs

-Cloud compliance exception analyst, Cloud SecOps skills like vulnerability detection and remediation follow-up are a plus

-Good Communication & Stakeholder Management skills

Good to Have:

-Agile methodology knowledge

-Scripting and automation using Python

-Knowledge of GCP or Azure cloud.

-Knowledge of cybersecurity best practices concerning hardening, in an IT/IM Security environment, including standards creation

-Cloud Security compliance or more generic Cyber Security Standards, Cloud Security Engineer and Cloud Threat Modelling

-Cloud Technical knowledge, having practised one CSP for at least 6+ years (AWS and GCP)

Total Experience Expected: 04-06 years