About Us:
Atmosera is full lifecycle cloud technology transformation firm, offering app and data professional services, security & compliance management, Azure operations, and technology training.
Our expertise across applications, data, and the Microsoft Azure platform allows us to accelerate innovation speed, increase operational agility, and vastly improve the return on investment in modern technology and human expertise.
Job Description:
We are looking to bring in a Cloud Security Architect that will join our growing Cloud Security Practice. You will work directly with our customers to enhance overall client maturity, improve control environments, lead engagements and help sell meaningful services.
Responsibilities:
- Lead cloud security and risk assessments, cloud strategy and cloud transformations.
- Contribute to the execution activities in the areas of security risk identification, analysis, classification, and mitigation strategies.
- Serve as a point contact with auditors and 3rd parties during technical audits during engagements.
- Produce & maintain compliance metrics & prioritize activities for clients.
- Develop incident response procedural playbooks for clients
- Implement security measures for the protection of computer systems, networks and information leveraging the Microsoft Azure security tooling (Defender for Cloud, Sentinel, etc.) according to Atmosera delivery standards
- Investigate and propose technologies and methodologies that can enhance Atmosera’s standard security and/or business continuity posture.
- · Contribute to the creation, documentation, implementation and maintenance of procedures and processes that ensure security control effectiveness.
- Respond to client requests according to SoW criteria as well as identifying new revenue opportunities in current engagements.
- Investigate and propose technologies and methodologies that can enhance Atmosera’s security and/or business continuity posture.
- Deliver environments that adhere to compliance requirements including but not limited to PCI-DSS, HIPPA/HITECH, IRS 1075, SOC 1 & SOC 2, Type II – in conjunction with Atmosera’s internal info sec best practices.
- Work with all Microsoft security and compliance tooling.
Preferred Experience:
- You have led and delivered a range of medium to large cloud security related projects. You have an excellent understanding of best practice cloud principles, technologies, processes, and current industry technologies, threats, and trends.
- You have commercial experience through owning and delivering successful RFPs. You can lead projects, oversee multiple deliveries, and complete business development activities to a client-facing standard.
- You can demonstrate SME knowledge in an industry sector, selected technical control domains and have notable strength in a particular aspect of cloud security e.g., Cloud Security Transformation in FS, Network Security in Legal etc.
- You have proven experience working with a broad range of security and cloud standards such as ISO27017, CIS, Azure Benchmark etc.
- You can advise on and define cloud architecture, suitable technology and solutions for client needs, cloud security control requirements, availability, data security, network security, suitable benchmarks, monitoring, and management of cloud security risks.
Desired Skills & Qualifications:
- Degree in business IT, systems engineering, information systems, computer science, or other degree
- 3 + years of information security work experience in deployment or governance
- General hands-on knowledge of firewalls, intrusion detection systems, endpoint protection, anti-virus software, data encryption, DLP, NAC, SEIM, and other industry-standard tools, techniques, and practices.
- Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified Ethical Hacker (CEH), GIAC Certified Incident Handler, (GCIH), or Certified Information Privacy Technologist (CIPT).
- 5+ years of work experience in IT Compliance, PCI/SOC Auditing, incident response, CMMC, CIS, NIST and/or ISO 27001 standards.
- Familiarity with SecOps concepts & best practices.