Job Description

Job Requirements
Role/ Job Title: Head - Cloud Security Compliance
Function/ Department: Information Security Group
Job Purpose:
The Head - Cloud Infrastructure Security Compliance will lead the strategic development, implementation, and management of comprehensive cloud security protocols for the entire bank, across various environments such as public, private, and hybrid clouds. This position is crucial for safeguarding digital assets, ensuring compliance with regulatory standards, and integrating cutting-edge security technologies to address the dynamic threat landscape.
Roles & Responsibilities:
Advanced Identity and Access Management (IAM) Initiatives:

• Develop and manage an identity-centric security strategy incorporating advanced IAM features into CNAPP solutions.
• Review and refine IAM policies to remove excessive privileges, enforcing the principle of least privilege.
• Implement robust multi-factor authentication (MFA) across all critical cloud resources and privileged access points.

Security Monitoring and Analysis:

• Direct the deployment and management of cloud native SIEM solutions to comprehensively monitor cloud activity for real-time security insights.
• Use SIEM and CSPM tools to detect, analyze, and respond to security incidents, anomalies, and potential threats.
• Ensure effective monitoring and analysis of cloud platform logs, CSPM findings, and correlate security events across various sources.

Multi-Cloud and Hybrid Cloud Security:

• Design and implement security frameworks to address specific challenges of multi-cloud and hybrid environments.
• Maintain consistent security policies and ensure seamless security integration across all cloud platforms.

Autonomous and AI-Driven Cloud Security Management:

• Leverage AI and ML technologies to automate threat detection and enhance real-time decision-making capabilities.

Vulnerability Management:

• Lead the identification, prioritization, and remediation of vulnerabilities using sophisticated scanning tools and processes.
• Monitor the progress of vulnerability remediation efforts continuously.

Threat Intelligence:

• Develop and maintain a proactive threat intelligence program that continuously analyzes and disseminates information on emerging threats and vulnerabilities.
• Share relevant threat intelligence with other security teams to improve the organization's overall security posture.

Privileged Access Management (PAM):

• Oversee the strategy and implementation of PAM, including the deployment of privileged access workstations (PAWs) and enforcing strong password policies.
• Monitor privileged user activity to detect and respond to suspicious behavior.

Security Configuration and Hardening:

• Direct the continuous assessment, adjustment, and remediation of cloud security configurations using CSPM tools to ensure adherence to secure baselines and best practices.
• Automate security configuration recommendations and hardening processes to enhance efficiency and consistency.

Security by Design for Cloud-Native Applications:

• Integrate security considerations into the design and development phases of cloud-native applications and infrastructure projects.
• Collaborate with DevOps teams to ensure security best practices are embedded in the software development lifecycle.

SaaS Security Management:

• Conduct comprehensive security assessments of SaaS applications, identifying and mitigating potential security risks.
• Develop and enforce robust security policies for SaaS usage, including data encryption and access controls.

IaaS Secure Configuration and Resource Management:

• Ensure all IaaS configurations align with security policies and compliance requirements, manage, and secure network communications, and optimize resource allocation to maintain security and efficiency.
• This includes regular audits, encryption management, and network security controls like firewalls and VPNs.

PaaS application Security and Access Management:

• Integrate security practices within the development lifecycle for applications built on PaaS, encompassing continuous security assessments and robust identity and access management strategies.
• This includes enforcing security baselines, managing permissions, and implementing security controls within CI/CD pipelines.
• Security Awareness and Training Programs:
• Develop and implement security training programs to enhance security knowledge and practices across the organization.
• Foster a culture of security awareness, encouraging responsible cloud usage and compliance.

Economic Efficiency and Resource Management:

• Manage cloud security initiatives with a focus on cost-effectiveness and strategic resource allocation.

Cloud Security Tool Consolidation:

• Rationalize and consolidate security tools into comprehensive platforms to reduce complexity and improve operational efficiency.

Education Qualification:
Graduation: BTech/ B.E
Post-graduation: MBA
Experience: 10 - 18 years of relevant experience.

Skills Required