Talent.com
GRC Consultant with Cloud Security

GRC Consultant with Cloud Security

Smart IT Frame LLCMarkham, ON, Canada
1 day ago
Job type
  • Full-time
Job description

Job Description :

  • To Assess, establish, and oversee governance mechanisms for cloud security.
  • Perform CSA CCF cloud security maturity assessment in multicloud hyperscalers like Azure, AWS, GCP.
  • Conduct gap analysis and define target state maturity ratings.
  • Provide recommendations to achieve target state maturity.
  • Align a common control framework to support compliance initiatives.
  • Design critical cloud security domains and controls to comply with the target operating model.
  • Develop a cloud security improvement program with pragmatic short-term and long-term measures.
  • Develop a CSA-aligned cloud security strategy roadmap.
  • Create use cases for identified solutions.
  • Develop cloud security architecture blueprints for core security domains.
  • Draft comprehensive cloud governance policies covering security, compliance, and procedures.
  • Define technical controls to meet objectives.
  • Develop processes for steady-state operations of cloud security governance.
  • Build a continuous compliance management mechanism.
  • Create a joint governance office with the client.
  • Participate in management communication and all security-related meetings.

Essential Requirements

  • Cloud security knowledge.
  • Experience with CSA CCF as an assessment and governance framework for cloud security.
  • Proficiency in cloud security technical controls for application and interface security, data security, information management, identity and access management, and virtualization security across AWS, Azure, or GCP.
  • Strong client communication and stakeholder management skills.
  • Excellent documentation, presentation, and interpersonal skills.
  • Bachelor’s degree or equivalent in computer science, information systems, or related field.
  • Certifications : AWS Certified Professional Solution Architect, AWS Security Specialty, GCP Certified Professional Cloud Security Engineer.

    • Desirable Requirements

  • Certifications : ISC2 CISSP, CCSP, OSCP.
  • Scripting knowledge / experience.
  • Experience in CSPM tools like Palo Alto Prisma, Wiz.

    • Experience

  • Total IT / Cybersecurity experience : Over 12 years.
  • Cloud security experience : Over 5 years.