Sr. Manager Cloud Security

IT - Application & Software Development
Mississauga, ON
Permanent
Dec 09, 2021

Our client a Global Leader, is seeking a talented individual to lead their cloud information security program. The position requires sound knowledge of security, privacy, and business management to develop and further the information security program for a Global IT Cloud services organization.

 

  • Define IT Infrastructure & Security strategy and standards, including those related to security governance (security policies and procedures), security strategy (security planning), risk (risk assessments and management), cloud data protection (classification, encryption, tokenization), identity and access management, cloud architecture, secure development (development, testing, and maintenance), and compliance (audits, regulatory requirements)

  • Define security controls relevant to compliance with legal, best-practice, and regulatory requirements for cloud environments (GDPR, PCI, ISO, FedRAMP, CCPA, SOC, etc.)

  • Hire and lead the growth, development, and support of a global security team running 24x7

  • Conduct cloud security strategy, readiness and discovery assessments; be familiar with cloud

    security frameworks, compliance requirements and security operations

  • Create and maintain documented internal policies and procedures on the management of

    information security

  • Develop and maintain a program for secure application development, testing, and

    vulnerability management

  • Develop and maintain a program on handling security incident response, disaster recovery,

    and business continuity

  • Establish lines of communication with leadership for understanding business needs and

    coordinating activities to further the information security program within the organization

  • Actively monitor and research cyber threats with a direct or indirect impact to business operations, or technology infrastructure

  • Understand business engagements, requirements and enablement opportunities as it relates to specific use cases

  • Engage and negotiate with customers and partners on Data Privacy Agreements and security requirements

  • Build and maintain a comprehensive and continuously up-to-date inventory of all supported applications, servers, interfaces and IT services being used to support cloud operations

Knowledge/Experience:

  • Minimum of 5 years cumulative experience in a combination of risk management, information security, and IT (at least 5 years in a senior leadership role)

  • In-depth knowledge of business management and a strong understanding of information security risk management and cybersecurity technologies

  • Artful communication skills and organizational savvy, to steer peers and leadership toward solutions that carefully balance business, risk, compliance, and engineering concern

  • Demonstrated ability to lead and manage large, complex projects involving cross-functional teams

  • Familiarity with industry compliance, i.e. PCI, HIPAA, GDPR, PIPEDA, ISO 27001, SOC (1 and 2), etc.

  • Experience working with SaaS and PaaS environments and Cloud Native technologies

  • Demonstrated ability to establish a security program that addresses security concerns of

    clients in delivering IT services

  • Experience within a 24x7 production environment, preferably across multiple data centers

    and 3rd party cloud environments

Send to Friend

Send to Friend