Cloud Security and Compliance Architect
Lisbon, Portugal
há 14 horas
source : Just Join IT

OSCAL (nice to have)

DevOps (nice to have)

CIS (regular)

Cloud Control Matrix (CCM) (regular)

NIST (regular)

Microsoft Azure (regular)

Cybersecurity (advanced)

SIEM (advanced)

We are curious and like innovations. What about you?

Would you like to develop our journey into continuous compliance for our SaaS services based on compliance checks-as-code, OSCAL , embedded into our cloud DevOps pipelines?

You will coordinate the modernization of compliance in SimCorp and help to make the rest of the company understand that security and compliance work can be fun

You will own the design of the service and underlying DevOps processes in the following areas :

  • Identity and Access Management (IAM)
  • Data Loss / Leak Prevention (DLP)
  • Security Operations Center (SOC)
  • Your responsibilities

  • Create, implement, and maintain cloud-specific security & compliance policies, standards, and procedures as appropriate for our cloud environment in partnership with key stakeholders
  • Help ensure alignment between different SaaS service lines
  • Guide and review threat analysis models made by new SaaS teams
  • Assist in defining scopes for penetration tests
  • Gather and supervise requirements from our security and compliance SMEs, developers, SRE engineers, operators, and other internal and external stakeholders
  • Collaborate with the office of the CISO as well as external auditors
  • Improve and refine our implementation of end-to-end SOC2 compliance
  • Act as a subject matter expert and support business and operations teams in all aspects of cloud security
  • Our requirements

  • Significant experience in a similar role
  • Good understanding of Configuration as code
  • Professional security architecture experience of cloud services (e.g. Microsoft Azure, knowledge of security compliance and information rights management)
  • Knowledge and experience with at least one of the security standards / frameworks, e.g., NIST, CIS, CSA Cloud Control Matrix (CCM)
  • Experience with SIEM tools , e.g. Azure Sentinel
  • Experience with threat modeling and pentests
  • Experience with implementing Zero-Trust architectures
  • Ability to translate business requirements into technical solutions
  • Fluent English
  • Reportar esta oferta de trabalho

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Meu email
    Ao clicar em "Continuar", autorizo a neuvoo a processar os meus dados e a enviar-me alertas de e-mail, conforme detalhado na Política de Privacidade da neuvoo . Posso retirar o meu consentimento ou cancelar a subscrição a qualquer momento.
    Formulário de candidatura