CLOUD SECURITY ASSURANCE CONSULTANT

📋 Description

• • As a Cloud Security Assurance Consultant at LIT IT GmbH, you will be at the forefront of ensuring the security and integrity of our clients' cloud environments. This pivotal role involves leading comprehensive security assessments and in-depth architecture reviews across the leading cloud platforms: Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). Your expertise will be crucial in validating the robustness of security implementations against established industry best practices and frameworks, ensuring our clients' cloud transformations are both innovative and secure.
• • You will be responsible for providing expert guidance and strategic recommendations to significantly strengthen our clients' cloud security posture. This includes identifying vulnerabilities, assessing risks, and proposing actionable solutions to mitigate threats in dynamic cloud ecosystems. Your insights will directly contribute to building resilient and secure cloud architectures that support enterprise-wide digital transformation initiatives.
• • A core aspect of your role will be to lead security architecture and assessment reviews for a variety of cloud-native and hybrid solutions. This involves a deep dive into the design and implementation of security controls, ensuring they align with business objectives and regulatory requirements. You will meticulously validate solution designs against recognized industry frameworks such as the National Institute of Standards and Technology (NIST CSF), Center for Internet Security (CIS Benchmarks), and the Cloud Security Alliance (CSA CCM), providing detailed reports and remediation plans.
• • Furthermore, you will conduct advanced cloud penetration testing, adhering to methodologies like CREST and CHECK. This hands-on testing will uncover potential security weaknesses and provide practical validation of security controls. Your responsibilities will also extend to validating the security of Infrastructure as Code (IaC) deployments and the security of Continuous Integration/Continuous Deployment (CI/CD) pipelines, ensuring that security is embedded throughout the development lifecycle.
• • In the realm of Compliance and Governance, you will lead critical compliance assessments. This includes evaluating adherence to standards such as ISO 27017, ISO 27018, SOC 2, GDPR, NIS2, and DORA. You will assess the effectiveness of cloud governance frameworks and Cloud Security Posture Management (CSPM) tools, ensuring that clients maintain a strong compliance stance.
• • You will play a key role in coordinating cloud security audits, liaising effectively with both internal teams and external auditors to ensure a smooth and transparent audit process. Your ability to translate complex technical findings into clear, concise communication for diverse audiences, including senior management, will be essential.
• • Your expertise will also be vital in assessing and securing Identity and Access Management (IAM) architectures within cloud environments. This includes evaluating privileged access management controls, ensuring that access is granted based on the principle of least privilege and is rigorously monitored.
• • You will validate encryption standards, key management processes, and data residency controls to protect sensitive client data. This involves reviewing how data is protected at rest and in transit, and ensuring compliance with data sovereignty regulations.
• • A critical part of your role is to review and validate Single Sign-On (SSO) and Multi-Factor Authentication (MFA) implementations, ensuring secure and seamless user access while minimizing the risk of unauthorized entry.
• • You will collaborate closely with DevOps and Platform Engineering teams, fostering a culture of security-first development and operations. Your input will be invaluable in integrating security best practices into automated workflows and infrastructure management.
• • This role offers a unique opportunity to shape the cloud security strategies of leading organizations in the DACH region, leveraging the combined strengths of NTT DATA and Reiz Tech. You will be instrumental in driving innovation and ensuring the highest standards of security assurance in a rapidly evolving IT landscape.
• • Your analytical mindset and risk-based decision-making approach will be key to navigating complex security challenges and providing strategic direction. You will contribute to developing and driving strategic cloud security roadmaps, ensuring long-term security resilience and alignment with business goals.