As a Cloud Security Senior Consultant, you will be at the front lines with our clients supporting
them with their cloud security needs to securely navigate their journey to the cloud on the
leading cloud platforms, by implementing industry leading practices around cyber risks and
cloud security for clients. You will execute on cloud security engagements during different
phases of the lifecycle - assessment, design, implementation, and post-implementation
Cloud Security Solutioning: devise implementation plans, formulate cloud security architecture
designs, and join implementation teams in implementing the solutions.
AWS Cloud Security Implementation: Follow implementation plans and designs to implement
various components in the cloud to secure client's cloud tenants. This includes and not limited
* Cloud firewalls & network segmentation rules.
* Cloud API Gateway Security Policies
* Cloud Web Application Firewall
* Workload security solutions (VMs, Containers, Functions)
* Directory Services Authentication & Authorization, and Key Management
* DevSecOps Toolsets
* Security Analytics
Third Party Cloud Security Platforms Implementation: get acquainted with leading cloud
security platforms and solutions, attend trainings for the same and follow implementation
plans and designs. Examples include:
* Cloud security posture management
* Container security management
* Endpoint security management
* Third party next-generation firewalls.
* DevSecOps Scanners and Testers (SAST, DAST & VA)
Carry out design and implementation assessments and thread modeling when required against
established standards and best practices (i.e: STRIDE, PCI DSS, CSA CCM)
* Experience in architecting and developing security solutions on AWS cloud and applying
the cloud native security services
* Understand identity concepts - SAML, JWT, Oauth etc.
* Solid understanding of security concepts and tools - Certificates, DLP, WAF, SIEM, firewalls, DDOS prevention, IDS/IPS, privileged access management, Encryption, SSL, VPN, IPSec, TCP/IP, DNS and web security architecture etc.
* Deep understanding of security frameworks and processes - CIS, NIST, PCI/DSS. SOCI/II, etc
* Ability to Identify, remediate, and document security risks
* Document security controls and evidence to ensure compliance
* Good written and oral communication skills with the ability to adapt style and language depending on the audience