Lead - Cloud Infrastructure and Security Technology

Job type:Permanent
Industry:Agriculture
Expertise:IT & Digital
Salary:Negotiable
Job published:12/9/2024
Job ID:V-42559

Our client, a global leader in the agricultural sector known for its innovation and commitment to sustainability, is seeking a Lead for Cloud Infrastructure and Security Technology. This pivotal role resides within the Technology Security division as part of the Group Strategy & Transformation function and reports directly to the Group Head of Enterprise & Cloud Security.

As the technical lead and subject matter expert (SME), you will take charge of designing and delivering cloud services and projects that align with the organization’s strategic goals. This position is instrumental in driving transformative initiatives, optimizing cloud infrastructure, and ensuring seamless adoption of cloud solutions throughout the organization.

Responsibilities:

Cloud Foundation Design and Implementation

  • Serve as the technical lead and SME for cloud architecture and security, providing expert guidance on best practices for cloud architecture, design, and deployment.
  • To support business initiatives, design and implement a secure and scalable cloud foundation across one or more cloud providers (e.g., Azure, AWS, and GCP).
  • Define and implement cloud landing zone and security best practices and controls across the cloud foundation, including account structures, identity and access management (IAM), network topologies, security configuration, data protection and governance policies, standards, and procedures compliance with global regulations such as GDPR, ISO 27001, and NIST.
  • Implement cost optimization strategies to monitor and control cloud spending and maintain a cloud cost management framework, including budgeting, forecasting, and reporting.

Cloud Security Technology

  • Led the implementation of the One Identity solution to centralize and streamline identity management across EWS.
  • Designed and oversaw the IAM service for Microsoft Entra ID (formerly Azure AD) and Google Directory, including technology selection, security architecture, and 1 II. Roles and Responsibilities integration with EWS ICT services to ensure robust authentication, authorization, and auditing capabilities.
  • Focus on the analytical aspects of IAM, including user access reviews, policy enforcement, and reporting.

Privileged Access Management (PAM)

  • Design, implement, and maintain the overall PAM service to protect and control elevated organizational access.
  • Ensure secure provisioning, management, and monitoring of privileged accounts, and enforce session recording, password vaulting, and Just-In-Time (JIT) access to minimize risks associated with privileged accounts.

Service Management

  • As a service owner, take responsibility for the entire lifecycle management of Cloud, IAM, and PAM services.
  • Contribute to developing and aligning the service strategy with the EWS ICT strategy.
  • Define Service Level Agreements (SLAs) and Key Performance Indicators (KPIs) to measure service performance. Collaborate with relevant ICT teams, service providers, and vendors to ensure service availability and quality comply with the defined SLAs and KPIs.
  • Establish and maintain comprehensive documentation for design, implementation, and configuration ready for handing over to the ICT operation team.
  • Stay up-to-date with the latest Cloud, IAM and PAM technologies, trends, and best practices with knowledge sharing with the related teams.
  • Work cross-functionally with relevant ICT teams (e.g., Infrastructure and Digital applications) to enable service integrations, complying with security-by-design principles.

Qualifications:

  • Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field.
  • ICT CertificatesCompTIA A , Network or Security or CCNA or CCSA and Certified Solution Architect of AWS, Azure, or GCP
  • Preferred certificates: Certified Cloud Security Professional (CCSP), Azure Security Engineer Associate preferred, or AWS Certified Security
  • 5 years of experience in infrastructure-related roles, with a strong foundation in IT systems, networking, and security.
  • 3 years of experience in cloud or related roles, with hands-on experience in Azure, AWS, or GCP.
  • Proficiency in managing Microsoft Entra ID and other cloud identity and access management solutions, with hands-on experience in Microsoft Entra ID.
  • Strong understanding of Privileged Access Management (PAM) solutions, their integration with cloud environments, and hands-on experience in PAM products.
  • Experience with cloud security frameworks such as CIS Benchmarks and NIST guidelines.
  • Knowledge of cloud security tools like Azure Security Center, AWS Security Hub, and Google Cloud Security Command Center.