Principal Cloud Security Lead

Experience: 7+ years
Domain: Banking and Finance
Location: Remote (Poland)

Language: Fluent English

 

About the Role
We are seeking a Principal Cloud Security Lead to join an international banking transformation project. You will play a key role in building a next-generation core system, enhancing customer channels, and delivering an upgraded product offering. The project leverages both Azure and AWS environments.

 

Start Date: ASAP
 

Key Responsibilities

  • Leadership & Agile Practices: Lead security teams, manage ticket backlogs, plan sprints, and promote agile practices within security operations.
  • Security Architecture: Design high-level and detailed security architectures across AWS and Azure platforms.
  • Cloud Security Implementation: Develop and implement comprehensive security solutions utilizing native tools in AWS and Azure.
  • Compliance & Risk Management: Ensure adherence to frameworks such as PCI DSS and CIS, conducting risk assessments and developing mitigation strategies.
  • Threat Detection & Incident Response: Establish proactive monitoring and incident response strategies for effective threat management.
  • Security Automation & Observability: Integrate security automation and observability tools to enhance threat detection and streamline incident response.
  • Secure SDLC Practices: Embed secure coding principles and security standards throughout the development lifecycle.
  • Application Security Testing: Perform security assessments using SAST and DAST to identify and remediate vulnerabilities.
  • Container & API Security: Implement security measures for containers and APIs, leveraging AWS ECR, Azure Container Registry, and secure development practices.
  • Cross-Functional Collaboration: Work closely with development, DevOps, and compliance teams to ensure security initiatives support business objectives.


Technical Requirements

  • Cloud Security Expertise:
    • AWS: Security Hub, GuardDuty, IAM, KMS, Config, CloudTrail, WAF, Shield
    • Azure: Microsoft Defender for Cloud and Endpoint, Entra ID (formerly Azure AD), PIM, Azure Policies, Azure Security Center, CAF implementation
  • Application Security:
    • Strong knowledge of SAST, DAST, Infrastructure as Code (IaC), Software Composition Analysis (SCA)
    • Experience integrating security tools into CI/CD pipelines
    • Solid understanding of the OWASP Top 10
  • Cybersecurity Standards:
    • In-depth knowledge of cybersecurity principles and best practices.

     

Project Stack

  • AWS & Azure
  • Security frameworks: PCI DSS, CIS
  • DevSecOps tools integrated into CI/CD pipelines

The job ad is no longer active
