An American leader in cloud computing are have a new role available. You would be required to build out their continuous security compliance framework. The end client is a German biotechnology company that develops and manufactures active immunotherapies for patient-specific approaches to the treatment of diseases.
They are looking for:
1 x Security Engineer
This role offers the following:
- B2b contract
- Fully remote working
- Part time work (18 hours per week)
- Develop existing implementation of Lacework CSPM tool to monitor and analyze the security posture of BNT cloud infrastructure.
- Perform continuous monitoring of cloud resources, configurations, and security policies to identify and address security risks.
- Collaborate with cross-functional teams to establish and enforce security policies, standards, and best practices.
- Develop and maintain runbooks (SOPs) with workflows for security assessment, incident response, and remediation.
- Conduct security assessments and audits of cloud services, architectures, and applications to identify vulnerabilities and recommend improvements.
- Investigate and respond to security incidents, working closely with incident response teams to minimize impact and prevent future occurrences.
- Integrate policy requirements into pipelines as preventive controls
- Experience implementing Lacework control policy as code
- Solid understanding of cloud security concepts, best practices, and industry standard compliance frameworks (ISO + NIST + CIS)
- Understanding of GxP framework
- Confluence Documentation
- Relevant certifications eg: Certified Cloud Security Professional (CCSP) or Certified Information Systems Security Professional (CISSP)