Director, Cloud Applications Security

**We are unable to sponsor as this is a permanent full-time role***

A prestigious company is looking for a Director of Cloud Application Security Engineering. This role will focus on application security within AWS and Azure cloud. They will manage 3-5 people and focus on engineering and not just architecture. This Director must have deep understanding of IaC, CICD, DevOps, Containerization, etc.

Responsibilities:

• Provide expert knowledge to the organization and stakeholders regarding the status, goals, functionality, and progression of Security Objectives
• Understand and be able to relay complex IaC, Cloud, and Application Security information as a subject matter expertise
• Provide senior level leadership to a broad team of engineers, consultants, and staff across the organization.
• Manage complex deliverables across security and information technology teams to ensure we meet our timelines, goals, and requirements.
• Provide detailed status updates using industry tools such as Jira, Confluence, ServiceNow
• Develop staff to including training, mentorship, and functional alignment with our critical service delivery for Amazon Web Services, Azure, and security tool implementation
• Ensure teams are focused on prioritized work to enable our delivery of these key services

Qualifications:

• Advanced degree, preferably in a technical discipline (Computer Science, Engineering, Mathematics, etc.) and relevant IT systems experience in PKI, or equivalent combination of education and experience required
• CISSP, Cloud Based Certifications and PKI Foundational certifications are a strong plus.
• Relevant experience managing multiple teams across different technology spectrums.
• Understanding of AWS and Azure security reference architecture
• Understanding of DevOps and DevSecOps including current industry leading services and systems
• Subject Matter Expertise on full development lifecycle processes, requirements, and security considerations
• Application security experience and understanding of code scanning, remediation processes, and capabilities
• Deep Understanding of cloud services (AWS / Azure)
• AWS Proficiencies
• Lambda, Security Hub, Control Tower, AWS Networking Models, AWS Multi-Account Relationships, AWS IAM Roles, Policies, Permissions, AWS Authentication Mechanisms, AWS Network Firewall, AWS Firewall Manager
• Azure Proficiencies
• Conditional Access, PIM – Privileged Identity Management, Multi-factor Authentication, Entra ID (Formerly Azure AD), Azure Subscriptions and Permissions, Event Hub, Azure Security Policies, M365 Authentication, Azure AD Sync
• DevOps Proficiencies
• Terraform / TFE, Hashi Vault, EKS / Kubernetes, Container Methodology, Service Mesh, Jenkins, Rancher
• Application Security Proficiencies
• Blackduck, Veracode, Understanding of GitOps / Gitlab / Github, Deep understanding of CI/CD processes and methodologies