Cloud Security Expert

• Develop the Cloud Security Design framework for new technology solutions.
• Embed best practice security by evaluating suppliers.
• Establish security requirements for secure service provision.
• Ensure compliance with ISO27001, 27017-27018, PCI-DSS standards.
• Define and achieve risk and security requirements.
• Drive compliance with cybersecurity strategy.
• Align activities with BAU audit activities for consistency.
• Manage and liaise with regulators.
• Identify, highlight, and remediate information security risks.

Policy, Standards and Processes:

• Plan, study, and design a resilient security architecture for IT/IT Security projects (cloud/on-premise).
• Test and evaluate new security solutions/technologies.
• Ensure adherence to corporate security policies and procedures.
• Create standards for IT assets and assess their efficacy.
• Develop and apply security architect rules.
• Provide feedback to enhance policies, regulations, standards, and processes.
• Communicate and ensure staff compliance with Information Security Policy.

Operations, Reporting and Administration:

• Implement Information Security Strategy and Plans.
• Ensure diligent adherence to Information Security processes, including Risk Management.
• Control and approve security-related requests/changes and oversee IT security activities.
• Contribute to the IT Security Dashboard for Management.
• Collaborate with internal/external audits.
• Conduct IT security awareness training.
• Collect, analyze, and produce monthly reports for IT Security.

JOB REQUIREMENTS
Educational Qualifications:

• Bachelor's or Technical Degree Required (IT, Cryptography, computer science, information systems, business administration or other industry-related curriculum)

Expertise:

• Minimum of 5 years of specialized experience.
• Strong knowledge of international IT security standards (ISO 27001, PCI-DSS, etc.) and ITIL.
• Work experience with one or more cloud service providers.
• Deep understanding of cloud service architecture, with a focus on cloud security.
• Solid grasp of modern information security methodologies and standards, particularly in cloud environments.
• Desired certification in Cloud/Security.
• Knowledge and experience supporting IAM, security operations, and threat response.
• Familiarity with modern DevSecOps practices and automation (preferred).
• Proficient in automating repetitive tasks with scripting skills in Bash/PowerShell/Python.
• Good knowledge of network security, system security, application security, virus/malware, and secure coding.
• Expertise in architecture, security technology, and integration.
• Proficient in penetration testing with OWASP standards, capable of discovering and exploiting vulnerabilities, and understanding cyber attacks.
• Familiarity with hacking tools such as VA, APPScan, Metaexploit, Kalilinux.
• Experience in implementing ISO27000/PCI-DSS (preferred).
• Strong knowledge of secure coding in languages like Python, Shell, PHP, and expertise in encryption and cryptography techniques.