Job Summary
- SCB Cloud Security, Cloud Engineering, Cloud Operations Teams and Container Engineering Team
- Cloud Security Management Team
- Technology Services Portfolio Manager
- Managers in key support functions (e.g. CIOs)
- Support function departments needed to execute projects
Responsibilities and Duties
- Create seamless development experience for our developers working with application and engineering team
- Develop services designs in alignment with Global Information Security Policies and Standards. Implement container platform Services with adequate security
- Provide guidance on implementation of container service designs confirming Global Information Security Policies and Standards
- Validate the security controls deployed around service designs
- Focus on automation and infrastructure as code with Secure first design
- Experience in container forensics, incident analysis and management
- Deeper knowledge in Information Security domains (IAM, Data Protection, Application & Infrastructure Vulnerability Management, Security Monitoring, Network Security, etc.)
- Develop security monitoring use cases for monitoring various security events through on-premise Splunk SIEM solution
- Use Mitre Att&ck and CAPEC framework to create threat models to identify security risks with a focus on containers and Kubernetes
- Ability to understand and work with monitoring solutions to provide full visibility to the different platform components using tools and services like Kubernetes, Prometheus, Grafana, ELK, Datadog
- Ability to work with business to identify automation use cases for complex security solutions with different degrees of documentation
- Ability to create unit and integration tests and understand debugging software
- Actively participate in code reviews and take responsibility of IaC modules review
- Work with developers to provide advisory and help them understand and make use of security technologies, industry standards such as NIST and CIS
- Communicate control gaps with software developers, managers, quality engineers, and peers in the Engineering and Architect Teams
- Define test strategy by reviewing requirements, architecture, and design documents
- Provide thought leadership in supporting cloud security requirements and providing suitable solutions
Qualifications and Skills
- Experience with Kubernetes platforms (OpenShift, EKS, AKS, GKE)
- Experience with Docker and Kubernetes
- Experience with scripting and orchestration including Terraform
- Experience with Go, Python, Java, or Ruby
- Experience with monitoring tools such as AppDynamics, ELK, Grafana, Prometheus
- Experience with public cloud (AWS, Azure, GCP)
- Experience working with Jira, Jenkins, Confluence and Artifactory
- Experience creating Splunk use cases (SIEM) and Splunk query language
- Container Certifications like CKA, CKAD.
- Security Certification like CISSP, CCSP, CCSK
- Critical thinking and problem-solving skills
- Communication skills and Decision-making
- Influencing and leading
- Team work
- Conflict management
- Adaptability
