Description

The role leads a team of cyber security professionals with specialized skills in security control guidance and drives the control implementation for cloud services with varying deployment models. The role evaluates business requirements, identifies and evaluates cyber security control sets and applies control requirements to on premise and hosted environments (public cloud) in alignment with cyber security policies and procedures. The Lead supports and leads the team in its work on problems of diverse scope and complexity ranging from moderate to substantial.

Responsibilities

The Lead of security control guidance ensures that IT and cyber security architecture/designs, plans, controls, processes, standards, policies and procedures are aligned with cloud security and IT standards. The Lead utilizes security control frameworks to identify applicable security control requirements to ensure regulatory compliance and alignment with existing policies and procedures. The role participates in control design and defines requirements for control monitoring to ensure compliance with control requirements and efficient operation of controls. The Lead provides guidance on implementation of IT and cyber security policies.

The Team Lead manages the performance and professional growth of 3-4 team members.

Requirements

Must have capability to:

• Exercise independent judgment and decision making on complex issues regarding job duties and related tasks, and work under minimal supervision.
• Use independent judgment requiring analysis of variable factors and determining the best course of action.
• Advise leadership and executives on control strategies for the evaluation, selection, and implementation of cloud services and related deployments.
• Lead cloud security policy and control guidance team managing resources, prioritizing tasks and ensuring the quality of deliverables.
• Lead and expand the cloud security control guidance program by enhancing existing processes and utilizing existing technology.
• Develop and drive cloud security control related automation program.
• Work with partners in business and IT to identify root causes for issues and resolve issues creating a positive user experience.
• Work closely with cyber security teams to ensure seamless execution of processes and timely delivery to customers.
• Distribute work tasks and redirect personnel and resources when needed.
• Identify gaps in process and procedures.
• Be responsible for process improvements, including initiating, creating, updating process documentation.
• Drive integration of processes across disparate teams to align to a single, cohesive strategy.

Required Qualifications

• Bachelor's degree in Computer Science, Information Technology or a related field
• 8 or more years of technical cyber security experience
• 4 or more years of experience with cloud technologies and cloud deployments
• 2 or more years of project or team leadership experience
• Experience working with control frameworks
• Skilled at identifying security risks and exposures
• Experience integrating Cyber Security technologies with existing technologies including cloud services
• Strong ability to assess urgency and prioritization and make good decisions based upon situational circumstances
• Excellent communication skills with the ability to influence others
• Analytical and problem solving skills
• Must be passionate about contributing to an organization focused on continuously improving consumer experiences

Preferred Qualifications

• Master's Degree in Computer Science, Information Technology or a related field
• Certifications: CCSP, CCSK, CSP-based Certifications (Cloud Architect, Cloud Engineer) , CISSP, CISA, CISM;
• Azure, GCP or AWS expertise