Desired skills and experience:
- 8+ years of experience in Information Security
- Strong knowledge of information security concepts, risk and controls concepts
- Knowledge on: NIST CSF. NIST 800-53 and NIST 800-171
- Experience in Conducting NIST 800-53 and NIST 800-171 gap assessments or compliance testing
- Knowledge / experience on: ISO 27001 standards
- Knowledge / experience on: SOC type 2 standards
- Proven security experience with public cloud / hybrid cloud environment - Azure, GCP
- Expertise on handling Security compliance
- Experience in assessment of ISO27001:2013, NIST CSF, PCI
- Experience working in an agile /DevOps environment that iterates quickly on tooling and processes
- Excellent communication skills with the ability to comfortably and effectively articulate security and risk related concepts to highly technical audiences
- You possess the ability to work autonomously in a fast paced, cross-functional environment, while being comfortable with ambiguity
- Implementation of security standard in hybrid and multi cloud environment - ISO 27001 / SOC type -2 / NIST
- Enhance current Information Security practices by design and implement new security practices/controls
- Working with security team to address and mitigate nukes in the Cloud Infrastructure and Application
- Responsible for implementing the security practices with DevOps
- Responsible for Automating the Security testing solutions with CI/CD
- Help DevOps teams for the Security point of view in Solution architecture
- Responsible for architecting solutions for monitoring and visibility of security issues across infrastructure and application