Risk Consulting - Manager - Cloud Security

EY

  • Thiruvananthapuram, Kerala
  • Permanent
  • Full-time
  • 3 days ago
At EY, we're all in to shape your future with confidence.We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go.Join EY and help to build a better working world.EY-Digital Risk - Cloud SecurityThe opportunityWe're looking for Manager with expertise in Cloud Security and Risk Assessment' to lead the audit/review of security architecture and controls across hybrid cloud environments. This is a fantastic opportunity to be part of a leading firm whilst being instrumental in the growth of our service offering.Your key responsibilities
  • Evaluate key cloud security solutions such as Cloud Security Posture Management (CSPM), Cloud Workload Protection Platforms (CWPP), Identity and Access Management (IAM), Cloud Access Security Brokers (CASB), Web Application Firewalls (WAF), Cloud encryption and key management services, Security Information and Event Management (SIEM), and security automation tools with respect to hybrid cloud security posture (AWS, Azure, GCP, and on-premises).
  • Evaluate the effectiveness of the implementation and operations of vulnerability management and patching programs, including timely identification, prioritization, and remediation of cloud and on-premises vulnerabilities
  • Evaluate security hardening standards and secure cloud configuration best practices across all environments.
  • Evaluate DevSecOps implementation to embed security into CI/CD pipelines and cloud deployments.
  • Evaluate the current practice followed of cloud security monitoring and incident management
  • Conducting risk assessments and vulnerability analyses in cloud environments and propose mitigation strategies
  • Support larger Internal Audit and Cyber security audits engagements especially on domains related to cloud security
  • Develop cloud security policies/procedures to protect data in the cloud and prevent unauthorized access.
  • Good understanding of cloud security standards/regulations globally and within the MENA region (KSA, UAE, Qatar)
  • Communicate cloud security risks, strategies, and remediation plans clearly to technical teams and senior management
  • Ability to translate complex technical details into clear, business-understandable language for effective communication with stakeholders/business users
  • Good in report writing and convey the observations to the top management in layman's language emphasizing on the business risks.
  • Build a team under you focused on cloud security and mentor junior resources
  • Facilitate knowledge sharing and cross-team collaboration to enhance cloud security skills within the group
  • Should be open-minded and ready to take up additional challenges or tasks outside your core domain expertise
Skills and attributes for success
  • Strong technical knowledge of AWS, Azure, GCP, OCI and on-premises security architectures and controls.
  • Proven ability to evaluate cloud security technologies, policies and processes.
  • Experience conducting cloud risk assessments against global/MENA specific standards/regulations
  • Experience managing cloud security metrics, reporting, and audit readiness.
  • Excellent communication and stakeholder management skills.
  • Experience in incident management and response in cloud environments.
  • Familiarity with DevSecOps and secure CI/CD practices in Cloud
To qualify for the role, you must have
  • 7-14 years of experience in cloud security, with hands-on expertise in hybrid and multi-cloud environments.
  • Excellent communication skills with consulting experience preferred
Ideally, you'll also have
  • A bachelor's or master's degree in B. TECH/B. E, MS, MBA in accounting or a related discipline.
  • CCSP (Certified Cloud Security Professional)
  • AWS Certified Security - Specialty
  • Microsoft Certified: Azure Security Engineer Associate
  • Google Cloud Professional Cloud Security Engineer)
What working at EY offersAt EY, we're dedicated to helping our clients, from start-ups to Fortune 500 companies - and the work we do with them is as varied as they are.You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:
  • Support, coaching and feedback from some of the most engaging colleagues around
  • Opportunities to develop new skills and progress your career
  • The freedom and flexibility to handle your role in a way that's right for you
EY | Building a better working worldEY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets.Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow.EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.

EY