Cloud Security Architect

Place of work
Bratislava, District Žilina
Start date
by agreement
Contract type
full-time

Job description, responsibilities and duties

We are looking for a Cloud Security Architect.

Your Responsibilities will be:
• Understand Siemens information security requirements and drive adherence for cloud workloads.
• Implement cloud security solutions for AWS & Azure workloads.
• Perform automation of security implementation, monitoring and operations for cloud workloads.
• Guides internal customers on cloud security practices and help implement security in cloud workloads.
• Work with information security teams and stakeholders within Siemens Healthineers to drive cloud security.
• Evaluate new security solutions & managed security services to help secure cloud workloads.
• Implement a tools driven and highly automated approach to deliver our key security management processes by exploiting investment in existing tooling (e.g. ServiceNow, etc.) and / or identify new tooling.
• Design and implement AWS/Azure/Cloud based DevSecOps processes and tools
• Respond to and, when appropriate, resolve or escalate security incidents
• Report unresolved security exposures, misuse of resources, and noncompliance situations using defined escalation processes.
• Assist and train team members in the use of cloud security tools and the resolution of security issues
• Develop and maintain documentation for security systems and procedures
• Collaborate within organization to build secure IaaS, PaaS & SaaS environments for AWS/Azure.
• Actively involved in cloud environment threat hunting using manual and automated tools
• Build security utilities and tools for internal use that enable you and your colleagues to operate at high speed and wide scale.
• Evaluate security technologies for cloud environments in order to implement controls in the most streamlined and integrated manner
• Deploy automated security solutions for cloud delivery processes
• Develop cloud security solutions to enable production security operations (SOC)
• Deploy compliance solutions for large-scale cloud environments using container and microservice technologies
• Develop security and compliance capabilities in support of DevOps processes
• Develop & deploy automated solutions to secure cloud development processes
• Craft and evangelize secure cloud platform & product requirements
• Communicate security risks and solutions to business partners, platform & product teams
• Embrace a culture of continuous service improvement and service excellence
• Stay current on security industry trends

More about us: http://www.siemens.sk/download/velki-ludia/

Required education, skills and personality requirements

Required education
University education (Bachelor's degree)
University education (Master's degree)

Educational Specialization
Information Technology, Computer Science or related fields

Language skills

English - Upper intermediate (B2)
Number of years of experience
10

Personality requirements and skills
Qualifications:
• Overall 10+ years’ experience in Technology with extensive experience in cloud solutions (AWS, Azure)
• Minimum 4 years of experience with implementing and automating Cloud DevSecOps including technologies such as SPLUNK ES, Twistlocker, CloudPassage and threat intel platforms
• Extensive experience in cloud based DDoS protection services such as AWS Advanced Shield and Azure security services.
• Knowledge of network based, system level, and application layer attacks and mitigation methods
• Extensive Experience working with container technology including Docker and Kubernetes
• Experience in DevOps environments and maintaining security in CI/CD processes
• Experience with the development, deployment, and automation of security solutions in an enterprise cloud based environment
• Experience with a broad range of security technologies including, SAST, DLP, IDS/IPS, IAM, Certificate Management
• Knowledge of AWS & Azure automation strategies and tools
• Strong knowledge of technology and security topics including network and application security, infrastructure hardening, security baselines, web server, and database security
• Ability to clearly and effectively communicate concerns, issues to other teams
• Experience in developing, documenting, and maintaining security procedures
• Bachelor's Degree in Computer Science or related field or equivalent experience.
• Experience with custom development using AWS/Azure integration technologies, Python, Java/EE, JSON, SAML, XACML, SCIM.
• Experience in virtualization, Cloud Formation, Python in building hybrid cloud models with security layered in for groups, policies is critical for individual's hands-on expertise.
• Skilled in HTML/CSS, JSON, REST, HTTP, Python, Java/EE, SAML, XACML, SCIM
• AWS/Azure certification along with other security certifications such as CISSP, SSCP is a plus
• Hands-on knowledge on DevOps methodologies and tools like SVN/GIT, Jenkins, JIRA, confluence, various monitoring/alerting tools;


Competences and Behaviors:
• Highly self-motivated with the ability to identify areas of focus and tackle new challenges with or without direction.
• Must be able to communicate effectively and build solid relationships with individuals at all levels, in multiple geographies and business functions.
• Strong oral, written, and presentation abilities - able to convey risk to all levels of the business, from C-level executives to operations and development teams;
• Strong business acumen with the ability to build business cases for technology initiatives and to effectively communicate the value proposition to non-technical stakeholders
• Demonstrated ability to work under pressure.
• Ability to work within a dynamic and fast paced
international environment
• Encourages people to be open and share their views
• Demonstrate clear and measurable results through the development of KPIs, goals and milestones
• Strive for standardization and simplification in all aspects of work

We offer

• Training and development program (business and product trainings, e-learning, language courses, soft skills trainings,…)
• Health program (contracted wellness providers, sport centers, salary reimbursement in case of illness)
• Family care program (subsidy for newborns, maternity leave, kindergardens, summer camps)
• Retention program (work anniversary, life anniversary, additional pension plan, employee loans)
• Extra days-off (bridge days, sick days)
• Socializing programs (teambuildings)
• Referral employee program (bonus for new hire)
Send CV
ID: 3261096  Dátum zverejnenia: 12.2.2018