全职 Cloud Security Consultant 工作, 薪水, Accenture 公司招聘中 - Ricebowl

The Team
Our cybersecurity team offer services that enable mission resilience by offering deep cyber expertise, advanced analytics, continuous monitoring, and secure cloud services. Working closely with our clients, we design, build and implement information security strategies and solutions that can help enhance business performance.

The Role

Cloud Security Solutioning: devise implementation plans, formulate cloud security architecture designs, and join implementation teams in implementing the solutions devised on one or more cloud service providers (CSPs).

Multi-Cloud Security Implementation: Follow implementation plans and designs to implement various components in the cloud to secure client’s cloud tenants. This includes and not limited to:

• Cloud firewalls & network segmentation rules.

• Cloud API Gateway Security Policies

• Cloud Web Application Firewall

• Workload security solutions (VMs, Containers, Functions)

• Directory Services Authentication & Authorization, and Key Management

• DevSecOps Toolsets

• Security Analytics

Third Party Cloud Security Platforms Implementation: get acquainted with leading cloud security platforms and solutions, attend trainings for the same and follow implementation plans and designs. Examples include:

• Cloud security posture management

• Container security management

• Endpoint security management

• Third party next-generation firewalls.

• DevSecOps Scanners and Testers (SAST, DAST & VA)

Carry out design and implementation assessments and thread modeling when required against established standards and best practices (i.e: STRIDE, PCI DSS, CSA CCM)

The Right Profile

• Experience in architecting and developing security solutions on one or more cloud platform (AWS, GCP or Azure) and applying the cloud native security services

• Understand identity concepts - SAML, JWT, Oauth etc.

• Solid understanding of security concepts and tools - Certificates, DLP, WAF, SIEM, firewalls, DDOS prevention, IDS/IPS, privileged access management, Encryption, SSL, VPN, IPSec, TCP/IP, DNS and web security architecture etc.

• Deep understanding of security frameworks and processes - CIS, NIST, PCI/DSS. SOCI/II, etc

• Ability to document risks, security controls and evidence to ensure compliance

• Good written and oral communication skills with the ability to adapt style and language depending on the audience