The IT Security Specialist proactively protects, shields and defends Holcim from cyber threats and prevents cybersecurity incidents with special focus in cloud environments. Makes sure new cloud initiatives and changes are deployed in a secure manner by leveraging leading security technologies and best practices, keeps assurance for cloud systems in the EMEA region and potentially responds in the event of major incident / crisis to reduce impact to Holcim´s infrastructure and brand. This is a cloud specialized IT security position and updated technical cybersecurity skills around cloud technology will be required.
- Design and implement a Cloud Security Posture Management process to improve public and private cloud security and reduce the risk of a successful cloud misconfiguration within the EMEA Region.
- Assist when implementing security access controls and monitoring capabilities in public cloud environments.
- Integrate security into DevOps teams, effectively creating a DevSecOps setup culture.
- Ensure data security in cloud environments, both at rest and in transit.
- Help to implement Holcim´s Cloud Access Security Brokers to better protect and monitor SaaS deployments in the EMEA region.
- Evaluate Secure Access Service Edge to help with cloud architecture design.
- Provide cloud security engineering support on Holcim´s systems in the EMEA region.
- Build automated and flexible detection and response programs using tools like AWS-IR, CloudWatch, CloudTrail, and AWS Lambda.
- Supervise all major facets of cloud risk, including threats, vulnerabilities, and impact.
- Serve as a cloud security expert in application development, system design and deployment, helping IT teams to comply with Group policies, industry regulations and best practices.
- Define the Public and Private Cloud standards, guidelines, and best practices for technology solutions implemented throughout EMEA providing knowledge in IT teams.
- Minimize the impact of cybersecurity incidents in cloud environments and return assets to normal operations as quickly as possible.
- University degree in the field of computer science, engineering, or a related field to support IT and cyber security advice.
- A minimum of 6 years of experience as cyber or IT security specialist dedicated to cloud security.
- Be in possession of the following certifications: CCSP, GCSA. The following certifications would be a plus:
○ From GIAC: GWEB, GCIH, GWAPT, GAWN.
○ From ISC2: CISSP.
○ From CSA: CCSK, CCAK, CGC, ACSP.
○ From AWS: AWS Certified Security Specialty
- Experienced in automating security in DevSecOps CI/CD environments.
- Experience with multi-tier cloud architectures in a virtual private cloud using subnets, availability zones, gateways, and NAT.
- Experienced with security in AWS and Azure environments.
- Sound knowledge on SaaS, PaaS, IaaS, and FaaS security controls and implementation
- Skilled in container security controls and architecture
- Being able to work on a multi-VPC and multi-account architecture and strategies.
- Experience deploying and/or administering Cloud Security solutions in large enterprises (e.g. WAF, CASB, Aqua, CloudWatch, Cloud-based DLP, server workload EDR or any other CWPP component).
- Large knowledge and experience applying systems hardening settings specially on AWS, other public cloud environments (Google, Azure) would be considered as a plus.
- Sound experience on DR+BCP considerations in cloud environments.
- Excellent written, oral and interpersonal communication skills in English. Spanish, French, Arabic, German and/other languages used in the countries in which we operate would be an advantage.
- Capable of working independently or as a team member to solve cybersecurity engineering problems.
- Strong attention to details and ability to document findings clearly and convey coherent information including remediation guidance.
- Extensive experience working in a team-oriented and collaborative environment.
- Demonstrated skills to negotiate in difficult situations and come to win-win agreements.
- Value inclusion within your day to day responsibilities by respecting others’ perspectives / convictions, engaging others’ opinions, creating a safe environment where people, ideas and opinions are valued within the team / “internal” customers and external partners.
- Respect and take into consideration diversity by valuing different world views, challenges and cultures that represent all walks of life and all backgrounds.
- Is sensitive to how people, cultures and organizations function. Deals comfortably with organizational politics. Steer through the organizational maze to get things done.
- Demonstrates positive thinking mindset, consistently identifying highlights.
- Shows a can-do attitude in good and bad times and act as a role model in terms of ethics and self awareness.
- Ability to frequently travel within the region (up to 50% in a year).