The Cloud Security Engineer is responsible for:
·Act as a local Cloud Broker reference for operational security activities of the Public Cloud platforms
·Know, understand and secure the Public Cloud environment and the related context
·Review Security related changes on Public Cloud platform components
·Liaise with Security representative between Cloud Brokers, Products/Applicative owners and Group Operation Security
·Implement and control security analysis for Platform upgrades, Changes, Compliance requirements
·Implement and control Cloud Platforms Continuous Security Assurance Plan
·Integrate Security By Design prerequisites into CI/CD and Infra As a Code Provisioning
·Suggest effective security controls to be implemented for Cloud Platforms and Services
·Coordinate with Cloud product teams to consolidate cloud security reports.
·Interact with Entities Teams Representative to ensure the effective compliance and remediation of security issues (Vulnerabilities and non-compliance to AXA standards)
The activities under the scope are:
Local Governance :
·CB Security Mandates : definition, review, upgrades and evolutions
·CB Security Governance review on the security activities with GO Security, Market CB, Group Information Security etc
·CB Security Operating Model : definition with all Security teams within AXA (Group Security, Group Operation Security, Risk Teams, Operational Resilience etc)
·CB Security service catalog : define a service offer around security activities to be provided as a service to Market CB and by cascade to the entities
·CB Security processes : Define, implement and update security related processes over organizational and operational activities
·CB Security Change management : Organize the security changes between multiple teams including technical and business operations
·Organize, inform, support and report on Security projects
·Provide assistance and expertise for Secure Cloud Enablement within AXA Public Cloud (Service validation, Service Integration, Obsolescence, End of support, new Services, Versions upgrades/deprecations …)
·CB Security advisory and assistance
·CB Security onboardings
·Knowledge Management
Security Projects cross Market :
·Provide security expertise on the projects for secure enablement
·Organize security forums for information and reporting
·Implement and/or follow implementation of security projects
Local FinOps initiatives :
·Manage and implement Finops initiative identified by other stakeholders
·Define new Finops cost optimizations using Cloud advisories
·Make security posture evolve with finops considerations
Security Mandatory Compliance:
·Participate on security controls evaluations,
·Assess and evaluate new security controls and specific use cases
·Validate security controls implementations, reporting mechanisms
·Remediate and/or provide assistance for non-compliance remediations
Security Internal Audits :
·Organize security audits in project mode
·Define remediation procedures and/or participate in remediations procedures definitions with owners teams (GO Security, PUIAM Teams, CyberArk Teams, etc)
·Implement remediations, report on non-compliance, manage security exceptions
Recertification :
·Participate in evaluating the recertification frameworks, planning and roadmaps
·Review and validate remediation procedures