Multi-Cloud Security Leadership: Lead the design, implementation, and operation of multi-cloud security frameworks, encompassing architecture, baseline controls, DevSecOps practices, tooling, and automation.
Cloud Security Architecture & Governance: Partner with cyber and data security teams to develop and deploy cloud-native security solutions that enhance infrastructure and application protection.
Baseline Management: Establish and maintain secure OS and Kubernetes cloud baselines, ensuring regular compliance checks and remediation aligned with security standards.
Secure SDLC & DevSecOps Enablement: Champion DevSecOps culture by integrating group-level security tools into local application ecosystems. Oversee integration of SAST, DAST, SCA, and other security tools into engineering workflows.
Vulnerability Management: Ensure infrastructure vulnerabilities are continuously monitored and remediated in accordance with cybersecurity policies.
Incident Response & Collaboration: Act as a technical lead in infrastructure security, providing expert support during security incidents and collaborating across teams to safeguard business operations.
