To provide cloud security expertise to build out and maintain resilient, scalable, cost-effective, and high-performing Cloud solutions.Requirements:Design and deployment of highly available, enterprise-scale Cloud infrastructure.Advanced knowledge of infrastructure concepts, technologies, and patterns (SDLC, IaC).Developing and delivering systems on AWS Platforms (Azure or GCP will be advantageous).Supporting and enhancing build and release processes through automation using a combination of processes and existing tools.Understanding of Cloud Security technologies and best practices.Understanding of Networking in Cloud environments.Experience in a DevOps role and incorporating security controls in the build process.Experience in engineering data and/or security log pipelines using Big Data technologies such as Spark, Kafka, Hadoop, Storm, etc.Demonstrated experience in designing, implementing, and managing data security solutions for structured and unstructured data.Understanding of modern software engineering patterns, including those used in highly scalable, distributed, and resilient systems.Ability to deliver long-term, repeatable IAC solutions that incorporate directly into an overall CI/CD process.Knowledge of JSON templates, PowerShell, CLI's, Shell, Python.Experience working with cross-functional teams and providing data security guidance to developers and IT staff.Familiarity with regulatory requirements and industry standards related to data protection.Knowledge of data masking and tokenization tools and their integration.Knowledge of data obfuscation techniques to protect sensitive information.Data Governance: Understanding of data governance frameworks and practices.Data Privacy Regulations: Familiarity with POPIA, GDPR, or other data privacy regulations.Data Encryption: Proficiency in data encryption techniques and technologies to safeguard structured and unstructured data.Access Control: Expertise in managing user access, permissions, and identity management systems for data security.Data Loss Prevention (DLP): Implementation and management of DLP solutions for monitoring and controlling data in transit and at rest.Secure Data Transfer Protocols: Understanding of secure protocols like TLS/SSL for data in transition.Data Classification: Ability to classify data based on sensitivity and apply appropriate security measures.Secure Logging and Auditing: Setting up comprehensive logs and audit trails for data access and changes.Experience:7+ years' experience in Infrastructure, Software Development, DevOps, or Security.4+ years design and implementation of highly available, enterprise-scale public Cloud infrastructure.4 years in AWS with a focus on Data, Security & IAM.Experience in introducing cloud security technology (start-up) in an environment – processes, principles, etc.Design and hands-on troubleshooting background on AWS Platform (Azure or GCP will be advantageous).Experience working in a DevOps environment.Experience developing and supporting infrastructure and cloud security capabilities for microservices-based architectures.Experience working with CI/CD technologies, e.g., GitLab and GitHub.Experience with authentication and authorization technologies and protocols (LDAP, Kerberos, AD, OAuth 2.0, OpenID Connect, SAML).Experience working with scripting, provisioning, and IAC tools like Terraform, Ansible, CloudFormation or equivalent.Skills:5 years in AWS with a focus on Networking.Experience in a financial services or banking organization.Infrastructure security.Basic understanding of at least one high-level programming language (GoLang / .net / Java / Python).Advanced scripting skills in at least one interpreted language (Bash/PowerShell).Experience in engineering data pipelines using Big Data technologies such as Spark, Kafka, Hadoop, Storm, etc.Experience with ELK, New Relic, or similar on Public Cloud Platforms.Experience with Docker and Kubernetes, EKS.Experience working in a fast-paced Agile/Scrum environment (Atlassian Stack).Experience working with various Database technologies, SQL Server, MySQL, PostgresSQL, RedShift, Oracle, etc.Experience working with Vault/Secret platforms, e.g., Hashicorp.
#J-18808-Ljbffr