About You
The Senior Manager, Cloud Security Engineering is pivotal in protecting Carsome's cloud infrastructure and applications. This role demands a profound technical acumen and hands-on leadership, combining deep expertise in cloud security technologies, methodologies, and industry best practices. The ideal candidate will balance strategic planning with operational execution, leading a dedicated team to design and uphold an extensive cloud security framework.
Your Day-to-Day
Strategic Leadership (40% - 50% of time)
- Architect and uphold a multi-cloud security strategy across AWS, GCP, and Azure, tailored to align with Carsome's business goals and risk profile.
- Craft and implement rigorous cloud security policies, standards, and guidelines, drawing from established industry frameworks such as CIS and NIST.
- Oversee the selection, deployment, and refinement of key cloud security tools and services, including OWASP standards, QRadar SIEM, and CrowdStrike.
- Manage and enhance relationships with key external security vendors and service providers.
Operational Excellence (60-50% of time):
- Direct comprehensive vulnerability assessment and penetration testing activities, encompassing black-box, white-box, and grey-box approaches.
- Lead threat modelling and risk assessments to pinpoint and mitigate potential security vulnerabilities.
- Monitor cloud environments continuously for security incidents and ensure rapid response to security alerts.
- Promote and integrate secure software development practices (DevSecOps) throughout the organisation.
Compliance & Governance:
- Guarantee adherence to pertinent security regulations and standards, including SOX and ITGC.
- Collaborate with internal audit and risk management teams to fortify Carsome's security stature.
- Assist in the creation and ongoing maintenance of security documentation.
Team Leadership:
- Mentor, manage, and cultivate a high-performing team of cloud security engineers.
- Encourage a security-first culture and champion ongoing professional development within the team.
Your Know-How
- Over 7 years of experience in cloud security engineering, with a minimum of 2 years in a leadership role.
- Proficient in security architectures and services across AWS, GCP, and Azure.
- Comprehensive knowledge of security tools and technologies such as SIEM, WAF, EDR, and CASB.
- Well-versed in security frameworks and standards like CIS, NIST, and ISO 27001.
- Skilled in secure software development practices (DevSecOps).
- Experienced in conducting vulnerability assessments and penetration testing.
- Familiar with compliance and regulatory frameworks such as SOX and ITGC.
- Exceptional communication, interpersonal, and leadership abilities.
Qualifications & Skills
- Bachelor’s degree in Computer Science, Cybersecurity, or related field.
- Certifications such as CISSP, CCSP, or CCSK.
- Prior experience in a rapidly growing technology firm.
- Proven track record in negotiating and managing contracts with security vendors.
Other Information
- Reporting Manager: Head of ITSO
- Working Hours: 9am – 6pm, Mon – Fri
- Working Location: HQ, KYM tower
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Senior Manager, Cloud Security Engineering. Be the first to apply!