Job Title

Job Title: Senior Manager, Cloud SecurityLocation: RemoteDuration: 12+months, likely long termNotice period: Immediate Joiners PrefferedKey ResponsibilitiesBuild and maintain cloud and container security governance frameworks for multi-cloud environment including Microsoft Azure, GCP and Kubernetes.Define and align cloud and container security standards, frameworks and policies with overall business and technology strategy and drive implementation of processes and tools to monitor and enforce compliance. Develop and evolve Cloud and Container Security reference architecture and security capabilities roadmapsBuild and maintain a network of key stakeholders across security teams, central IT teams, business tech and developer groups to understand future state cloud requirements and roadmaps.Define and periodically review cloud service and container security controls and guidance documentation for Kubernetes and all IaaS & PaaS services, balancing business objectives with information and cyber security requirements.Define security guidance and best practice for Kubernetes and all IaaS & PaaS services to supplement security controls.Drive the cloud and container security conversation within cyber security office, central IT teams, business technical senior leadership and workload owners.Provide cloud and container security architecture review for large scale cloud projects and platforms providing recommended changes or enhancements to ensure alignment with secure by design principles.Provide cloud and container security consultancy to cyber risk assurance and governance risk and compliance teams for solution architecture reviews.Identify and communicate current and emerging security threats.Maintain technical skills and knowledge, keeping up to date with market trends and competitive insights.Basic qualifications:Minimum of 8 years working as an information security professional and at least 3 years working as a cloud and/or container security professional.BSc level or equivalent education.Expert level security knowledge of Azure, GCP.Solid understanding of securing Kubernetes platforms and Container hosted workloads.Proven experience in security architecture and security by design reviews of cloud native solutions, leveraging containers, micro-services, APIs, PaaS capabilities such as data storage, databases and data processing technologies, and identity & access management suites on Azure, GCP.Proven experience of security reviews and threat modelling for cloud hosted solutions leveraging Generative AI cloud services.Demonstrated experience and understanding of cyber security principles, IT security controls, and related technologies and products.Demonstrated experience of network security related to cloud network virtualisation, Kubernetes networking and associated security controls.Demonstrated experience of identity and access management related to securing cloud and container platforms and workloads.Strong stakeholder management skills.Strong verbal/written communication in English, with the ability to effectively interact with professionals at all levels of responsibility and authority, both technical and non-technical.Ability to work with virtual teams located in different countries around the world, aligning and adapting different work, culture, and communication styles.Should have / most important certs:Certified Kubernetes Administrator (CKA)Certified Kubernetes Security Specialist (CKS)