- At least 4 years of experience in IT Security required.
- Good English written/verbal communication skill (C1)
- Deep architectural knowledge in the area of leading cloud providers is needed (Azure,AWS nice to have Ali cloud ); hybrid/multi-cloud integrations’ knowledge would be highly appreciated
- Demonstrated understanding of IT Security domains: security and risk management, asset security, security architecture and engineering, communications and network security, identity and access management, security assessment and testing
- Experience with Github: security settings, features and security risks for the service
- Knowledge about Landing Zone aspects and Infrastructure-as- Code (IaC) for AWS/AZURE and security services related to it
- Experience with containers eg. EKS, AKS, docker for AWS and Azure cloud
- Hands-on experience in DevSecOps, SSDLC, CI/CD security pipeline would be of great advantage
- Knowledge of IT security frameworks and standards is required (ISO2700x, CIS Benchmarks, NIST, Well Architecture Frameworks for AWS/AZURE)
- Completed certification in on or more enlisted cloud security paths: CCSK by CSA, AZ-500 by Microsoft, SCS-C01 by AWS
- Cross-sectional knowledge of the basics of security technology is required: CNAP/CNAPP, SIEM, SOAR, IDAM, DLP, IAM, PIM/PUM, BDS; hands-on experience with the usage or deployments of at least one of those would be of a great advantage.
- Good presentation skills to provide clear and supportive information to non-technical audience.
- Ability to work autonomously and to lead tasks assigned from the beginning to the end.
- Being able to work with many tasks at the same time.
- Good team skills, open for other cultures
,[Designing security architecture for cloud deployments, minimum safeguards, introduce security baselines (mostly Azure, AWS ), Supporting internal stakeholders in any affair concerning cloud security topics, Providing deep technical advisory to internal IT teams to follow the best cloud security practices., Deploying and maintaining native and 3rd party security products in cloud environments, especially CNAPP/CSPM/CWPP, Conducting risk, network, and vulnerability evaluations against defined security requirements, Contributing to the compliance evaluations against internal and external regulations that touch cloud deployments., Support internal IT teams in implementing security requirements security good practices., Contributing to the Danone technology communities in building common knowledge base on cyber security / information security, Participation evaluation of cloud products (PaaS, SaaS, IaaS), Researching for latest cloud security threats, analyze the current situation and provide feedback for internal cloud security knowledge base., Provide the solutions or workarounds to mitigate the risks] Requirements: Azure, AWS, GitHub, Landing Zone, IaC, DevSecOps, Windows DC Server, SSDLC, Microsoft 365, Ali Cloud, CI/CD Pipelines Additionally: International projects, Private healthcare, Sport subscription.
azure-aks CI/CD Infrastructure as Code (IaC) SIEM Amazon Web Services (AWS) docker-containers Azure hybrid-cloud devsecops Docker amazon-eks GitHub pim SOAR Presentation skills amazon-iam