Associate Director - Cloud Security
Sycamore Informatics Inc.
Job Description
Designation: Associate Director - Cloud SecurityExperience: 15+ yearsLocation: Remote (India)
Role Responsible for development, security and operations activities related to developed products and/or ongoing product development in a SaaS environment along with people management responsibilities and customer interaction.
Experience (in years)Minimum 15-20 years' experience; including cloud security, devops related project management and people management; customer engagement experience.
Education Masters/Bachelor's degree, preferably in Computer Science, Information science, Physics, Math or any other related discipline.
Essential skills Cloud security; Project management, people management expertise - recruitment, performance management, learning and development. Customer handling; issue resolution; problem solving
Desired skills Leaning mind-set, good communication skills; managerial skills
CertificationsProven track record delivering architectures compliant with GxP, 21 CFR Part 11, HIPAA, SOC 2, and ISO 27001. Preferred Certifications: AWS Certified Security - Specialty, AWS Certified Solutions Architect - Professional, CISSP, or CISM.
Summary The resource must have a blend of cloud Security skills along with people management skills, customer handling expertise, issue resolution and problem solving skills; must be solution-oriented.
Roles & ResponsibilitiesSecurity Integration in DevOps Pipelines: Embed security tools and practices in CI/CD pipelines to detect and mitigate vulnerabilities. Implement static and dynamic code analysis, vulnerability scanning, and container security checks.
Infrastructure Security: Design and implement secure infrastructure leveraging cloud services and Infrastructure as Code (IaC). Ensure configuration management for servers and cloud environments meets security standards.
Automation and Monitoring: Automate security testing and monitoring processes to maintain compliance and reduce manual intervention. Develop and maintain monitoring systems to detect anomalies and security breaches.
Collaboration and Training: Collaborate with cross-functional teams to address security concerns during software development and deployment. Provide training and awareness on secure coding practices and DevSecOps tools.
Incident Management: Respond to security incidents, conduct root cause analysis, and implement preventive measures. Maintain and test incident response plans.
Compliance and Governance: Ensure systems adhere to regulatory requirements and industry best practices. Conduct periodic security audits and assessments to maintain compliance.
People management: Participate in hiring, interviewing and recruitment strategy for the team. Play a role in performance management of team members Devise learning and development goals and execute the same in the team Ensure employee motivation and growth
Customer satisfaction: Ensuring the team delivers and exceeds customer satisfaction Resolve issues/concerns if any. Develop SLAs/metrics which can showcase the areas for improvement.
Strategy: Contribute to strategizing cloud security architecture for products Managing teams across customers/products Handling escalations, issue resolution Solution oriented approach Risk analysis and mitigation strategy expertise
Essential Experience Managerial experience - managing team or teams of diverse skills Strategy and customer engagement experience Risk management Interacting, handling customers Cross-functional team interaction Flexibility to adapt to changing technologies and industry trends, embracing innovation and driving technical excellence. Project management expertise