Information Security Specialist - Container Security Specialist

Information Security Specialist – Container Security Specialist

A University or post-Graduate degree in Information Technology, Computer Science, Computer Engineering, or a related discipline is an asset.
Information security certification / accreditation an asset
7+ years of total relevant experience
At least 5+ years’ experience in working with Public Cloud technologies – Azure and Google preferred
Knowledge of security controls/mechanisms and threat/risk assessment techniques pertaining to container and public cloud networking environments.
Experience and hands on experience in the deployment and security configuration of Containers on Public Cloud (AKS, GKE) and on-prem environments
Strong proficiency in infrastructure as code, CI/CD, containerization and cloud security
Experience with cloud infrastructure, security and build tools such as Terraform, Jenkins, Bitbucket, Wiz.io or Aquasec
Solid understanding and hands on experience with core networking technologies and security concepts
Excellent written and oral communication skills. Ability to convey detailed technical information into summarized business language.
Advanced problem Solving / Analytical Thinking Skills.
Ability to work independently on a variety of assignments with minimal supervision.
Experience working within Agile framework and using JIRA.
Experience with ServiceNow SecOps Modules and Splunk.

Analyze and review cloud architecture diagrams to identify potential security concerns and ensure secure design practices for Public Cloud and Container platforms
Responsible for defining and developing the necessary standards, controls and guidelines for the secure deployment and operation of Public Cloud services and containerized applications
Provide governance and oversight for the development and maintenance of CI/CD pipelines to ensure secure code and image deployment
Responsible for defining the necessary security controls of Public Cloud Services, especially in Azure and GCP. Public Cloud services examples include Cloud SQL, BigQuery, AKS, GKE
Responsible for reviewing Engineering designs to ensure alignment with applicable security standard and industry practices
Provide end to end governance for public cloud infrastructure deployment, integration and security controls especially focused on containerized platforms
Collaborate with DevOps, engineering, and other cross-functional teams to integrate security tools and practices into workflows
Responsible for developing security reporting that includes KRIs, KPIs to demonstrate the effectiveness of the defined security controls
Work with 1B and 2nd Line of Defense partners to demonstrate the compliance with the defined security standards and controls