• US Citizen

• Green Card

• EAD (OPT/CPT/GC/H4)

• H1B Work Permit

• Corp-Corp

• W2-Permanent

• W2-Contract

• Contract to Hire

• Consulting/Contract

• UG :- - Not Required

• PG :- - Not Required

• No of position :- ( 1 )

• Post :- 18th Dec 2023

REQUIRED EDUCATION:

Bachelor’s Degree in any field

Microsoft Certified: Azure Security

TOP 5 REQUIRED ATTRIBUTES:

1. 5+ years of experience in cloud security architecture or similar roles in Azure and GCP

2. Strong knowledge of security architecture, design patterns, and best practices in cloud environments

3. Demonstrated experience in designing and implementing secure solutions for Azure cloud environments, encompassing IaaS and PaaS components and services

4. Demonstrated experience in designing and deploying the following services:

o Azure Policy

o Azure WAF and App Gateway

o MDfC

o Entra and Purview

5. Excellent communication skills to articulate complex security concepts to technical and non-technical stakeholders

 

TECHNOLOGY PROFICIENCIES:

Microsoft Azure

GCP (Google Cloud Platform)

 

KEY WORDS:

 

Preferred Attributes:

STRONG PREFERENCE - Experience with DevSecOps practices, integrating security into the infrastructure as code (IaC) CI/CD pipeline

 

Location: 25% onsite in Racine

Hours: 40/week 8:00 – 5:00 PM (with flexibility due to collaboration with global teams)

Interview Format: 1 Panel Interview/Video

Conversion Planning: No Conversion planning, but this contractor will be visible to other teams and possible opportunities within SC Johnson.

 

 

This role will assist the security architecture leader in ensuring the secure design, implementation, and operation of our business solutions within the cloud environments. The successful candidate will collaborate with application and infrastructure teams to provide expert guidance on security best practices, develop security standards and design patterns, and conduct thorough technical security assessments to uphold the confidentiality, integrity, and availability of our cloud-based systems and data.

 

Project or Solution Security Consulting Responsibilities

 

o Collaborate with cross-functional teams to understand business requirements and provide security recommendations for cloud-based projects

o Assist application and infrastructure solution teams in architecting and implementing secure business solutions utilizing IaaS and PaaS components and services

o Conduct security design reviews for proposed cloud solutions, identifying and addressing potential vulnerabilities and threats

o Document formal project artifacts – business requirements, high-level architecture and design documentation, low-level architecture and design documentation

o Consult solution team on vulnerability and penetration test assessment findings

o Provide general security support and consulting throughout the engagement

 

Security Governance Responsibilities

 

o Develop, enhance, and maintain security standards, policies, and procedures for cloud-based systems, ensuring alignment with best practices and regulatory requirements, while focusing on cloud-specific security controls

o Create and update security design patterns for various business scenarios in the cloud, ensuring consistent and effective security practices across projects

o Provide expert advice on regulatory compliance (e.g., GDPR, HIPAA) and industry best practices related to cloud security

o Utilize the NIST CSF, CIS, CSA CCM to guide and enhance company security posture

 

General Responsibilities

 

Conduct technical security assessments and create minimum security baselines for both on-premises and cloud applications and services, identifying vulnerabilities and providing remediation requirements and recommendations

o Lead security attestation efforts for cloud PaaS services, working closely with internal teams and external vendors to ensure compliance with security requirements

o Collaborate with the wider security team to support response and remediation of security incidents, as well as proactively identify potential security risks

o Apply threat modeling frameworks (e.g., STRIDE, PASTA, MITRE ATT&CK) to assess and address security threats and vulnerabilities for new and existing applications and services

o Provide technical and project leadership for IT security solutions

o Full cycle engagement and leadership - analysis, requirements development, solution request-for-proposal (RFP) support, design, documentation, implementation, operationalization, and maintenance

o Definition of control effectiveness metrics and establishment of on-going visibility and reporting

o Integration into product-related lifecycle activities

o Development of operational plan for transition of the security solution to run

o Evangelize agile culture and DevSecOps shift-left mentality within and outside of information security department

o Actively participate in team scrum activities in a hybrid productized and projectized environment

o Properly document and manage scrum stories from sprint to sprint, ensuring timely updates

o Provide input for development of domain/product-related roadmaps, tactical execution plans with SMART OKRs (objectives and key results), and assist in related activities (e.g. current state documentation, gap analysis, resource estimations)

o Focus on self-service, automation opportunities and quality of supporting documentation

Thanks & Regards,

Vinay Kumar Sripathi

SR US IT Recruiter 

Email;Vinay.Sripathi@sparinfosys.com

Direct Number:- 469-613-4909

Fax : 214-291-2507

5550 Granite Parkway, Suite 105, Plano, TX 75024, USA