Job Description

• Develop and implement the enterprise-wide Systems & Cloud Security strategy, ensuring alignment with overall cybersecurity roadmap.
• Establish and maintain security standards, baselines, and architectural principles for infrastructure and cloud workloads.
• Provide expert input to security governance forums, steering committees, audit committees, and senior leadership.
• Develop policies, procedures, and frameworks for infrastructure and cloud security consistent with ISO 27001, NIST, CIS, PCI-DSS, etc.
• Oversee the security posture of data centers, servers, networks, virtualization platforms, endpoints, Container, Kubernetes and cloud environments (IaaS, PaaS, SaaS).
• Lead and review security architecture assessments, design validations, and hardening initiatives across IT infrastructure.
• Oversee virtualization platform security including hypervisor hardening and secure VM templates.
• Lead the implementation of cloud‑native security controls including AWS, Azure Defender, WAF, DDoS protection, container runtime security, and workload protection solutions (CWPP).
• Govern secure design of cloud network architectures including Transit Gateway, VPC/VNet segmentation, peering, private link services, ingress/egress filtering, and cloud firewalls.
• Oversee Cloud Identity Entitlement Management (CIEM) to eliminate excessive permissions, toxic combinations, and misconfigurations across multi‑cloud environments.
• Ensure continuous security risk assessments, configuration reviews, and vulnerability management for infrastructure components.
• Drive implementation of Zero Trust, Identity & Access Security, Network Segmentation, Endpoint Protection, and Cloud Security Posture Management (CSPM)
• Lead cyber defense initiatives for infrastructure and cloud environments in coordination with SOC & incident response teams.
• Oversee incident investigations impacting systems, cloud services, servers, and infrastructure components.
• Ensure rapid remediation of vulnerabilities and audit findings
• Maintain IS Risk Register

People Management

• Lead, mentor, and develop a team of security specialists and analysts.
• Collaborate closely with Infrastructure, Cloud Engineering, Network, DevOps, and IT Operations teams.
• Engage senior management, vendors, and business teams for strategic security guidance.
• Manage vendor relationships, contracts, and budgets for infrastructure and cloud security projects.
• Lead annual performance evaluation, goal setting, and capability development for the Systems & Cloud Security team.
• Build and mentor a succession-ready talent pipeline with expertise in multi-cloud security, DevSecOps, and infrastructure protection.

Minimum qualifications:

• Bachelor’s in Computer Science or Information Security or MIS, preferably with at least one of the following professional certifications:
  • CCSP
  • CISM
  • CISSP
  • ISO
  • AWS Security Specialty
  • Azure Security Engineer / Solutions Architect
  • GCP Professional Cloud Security Engineer

Minimum experience:

• 8 years of experience in Information Technology/ Information Security / IT Risk Management