Cloud Protection & Secure Development Architect

Job Description:

• Formulate, write, and implement protection policies for cloud-based organizational projects involving diverse technologies and various cloud companies.
• Oversee security of organizational projects—formulate architecture; characterize, guide, and oversee protection solutions and secure development, as well as cloud infrastructure and systems for which the unit is responsible.
• Map and analyze threats and formulate a risk management recommendation for cloud protection and secure development.
• Guide and oversee secure CI/CD processes in organizational and cloud-based environments with diverse characteristics (DevSecOps).
• Control implementation of protection policy defined for various cloud-based projects.
• Interface regularly with cyber protection staff within and outside the organization.
• Map, analyze, and identify new opportunities and technologies for cloud protection and secure development.

Job requirements:

• Minimum 4 years' experience in hands-on positions in information security and cyber protection.
• Understanding of cloud-based high technology, infrastructure, and applicability in various cloud providers, with an emphasis on Microsoft Azure, AWS Cloud, and Google GCP.
• Understanding of secure development processes, DevSecOps, code development technologies, and the software development life cycle (SDLC).
• Understanding of secure development, OWASP, and SANS, and experience implementing solutions for code protection, including DAST, and SAST.
• Understanding of cyber threats and cyber-attack techniques (such as Cyber Kill Chain).
• Deep understanding of communications protocols (such as DNS, TLS, TPC/IP, HTTP model, TCP, and OSI)
• Previous experience formulating cyber protection architecture and policy for projects.
• Familiarity with protection, monitoring, and control systems (such as SPLUNK, NAC, F.W., EDR, and EPP).
• Experience formulating and implementing SSDLC processes — an advantage.
• Experience in the migration of projects and complex systems in the cloud — an advantage.
• Professional certifications, CISSP, CCSP, CISSP, CSSLP; architect certification; certification for security of various cloud providers — an advantage.
• Relevant technological degree or military experience — an advantage.