Cloud Security Architect

Cloud Security Architect

Dublin -Hybrid working available

€100K - €120K per annum

Qualifications

Technical and process specific skills:

• Security Risk Identification and Assessment
• Technical Security Risk Assessments
• Knowledge of Cloud security, Encryption, Cyber Threat Vectors, ITGC controls
• Security Governance, Risk and Compliance, IT Security, Audit management

Certifications

• Security certifications like SABSA, CISSP, CRISC, CISM are preferred.

Experience

• At least 8-10 years of Experience in managing a team in cyber security track
• Experience with risk and controls management
• Working knowledge of relevant tools and software for managing and testing network devices
• High working knowledge of spreadsheets and higher-level function
• High level knowledge of varying company processes and controls
• Threat reporting and assessment
• Proven ability to understand Company needs, maintain relationships and develop positive dialogue
• Understanding corporate networking within a cloud centric organization and the use of Software Defined Network (SDN) and Secure Access Service Edge (SASE)
• Ability to quickly learn and understand the gaps while creating or adding to an existing plan
• Experience in applying the gaps and creating a plan, to perform actions, manage, and report on big picture and details
• Experience with corporate security solutions such as cloud WAF, CASB, Mail Relay, DLP, EDP, EPP, UEBA, SOAR SIEM etc.
• Networking skills with hand-on ability with firewalls, routers, routing tables and more
• Highly motivated with the ability to self-start, prioritize, multi-task and work independently - within a global team environment.
• Flexibility to change direction and manage conflicting demands and emergencies
• Outstanding organizational and data analytic skills
• Comfortable working in a fast-paced environment
• Strong verbal and written communication skills to effectively document processes, communicate findings, and interact with leadership
• Knowledge of networking, technology, corporate and cloud infrastructure and security implications and controls
• Proven track record with networking and security
• Degree in a relevant IT or security discipline
• Recognized security certifications including CISSP and others relating to networking and or product focused

Key Responsibilities: -

• Lead the engineering and operational management of enterprise security tooling and infrastructure within EXL's Infrastructure. This includes services such as SIEM, EDR, CASB, UEBA, SOAR, and others.
• Manage special projects involving the software development and engineering of solutions tailored to EXL.
• Supports a culture design ,accountability, integrity and high expectations
• Drive implementation and verification of features that improve the security of our platforms.
• Collaborate to develop a long-term security roadmap including Develop and maintain processes, controls and standards for information security group
• Set the direction of and coordinate the security and data privacy function at EXL, including critical processes such as vendor risk management, security monitoring, and identity and access management.
• Lead and develop a security engineering team with a focus on career growth and development
• Refine and lead our security review process in engineering and mentor and counsel the development team and entire EXL on security methodologies.
• Be intimately involved with our sales and client solutions teams as they work toward closing high profile deals touching on compliance, security, and data privacy matters.
• Engage with other department leaders to ensure that information technology resources are in place to support and enable employees across the organization
• Manage a team and influence others to focus on creating a solid cyber security foundation for growth and maturity
• Coordinate with information security group and business partners
• Analyse, assess, design and implement existing and new technology, new controls and risk management in a timely manner
• Evaluate the direct corporate network improvements across the sites and cloud
• Take responsibility for driving recommendations for remediation and process improvement until closed or mitigated
• Document processes, standard, new architectures, data flows and more
• Update corporate risk register with newly identified
• Track projects and remediation efforts while providing associated guidance
• Process and control documentation including narratives, flow charts, etc.
• Drive continuous process improvement initiatives
• Assist with the development and maintenance of security policies and procedures
• Risk identification and treatment
• Promote standards-based workflow
• Engage with internal and external parties to obtain and share information to improve processes, frameworks and security posture
• Work with information security group to investigate threats
• Keep management informed with precise information about security posture and events