Security Consultant

Job Description: Security Consultant (Cloud Platform-Specific Security)

Location: Poland

Experience: 10+ years

Employment Type: Full-time

Role Overview:

We are seeking a highly experienced Security Consultant with deep expertise in designing, implementing, and managing cloud platform-specific security policies and controls. The successful candidate will lead efforts to establish and maintain robust security configurations for cloud environments (primarily Azure and AWS), focusing on governance, identity management, access control, data protection, and compliance. This role will be pivotal in ensuring enterprise-grade security for cloud-based infrastructures and enabling secure digital transformation.

Key Responsibilities:

1. Policy and Standards Development:

- Design and develop cloud platform-specific security policies to ensure compliance with industry standards and organizational objectives.

- Create and maintain standards and procedures for management group/account and subscription management.

- Implement configurations using tools such as Azure Policy, Azure Security Center, and AWS Config for cloud governance.

- Develop and document frameworks for secure deployment and operations in multi-cloud environments.

2. Identity and Access Management (IAM):

- Architect and manage identity lifecycle processes, including provisioning, de-provisioning, and access reviews.

- Enforce role-based access control (RBAC), least privilege access models, and identity federation solutions.

- Implement Single Sign-On (SSO) solutions, multi-factor authentication (MFA), conditional access policies, and secrets/password management.

- Strengthen identity security by integrating directory services like Azure AD and AWS IAM.

3. Cloud Platform Security Configuration:

- Deploy and manage firewalls, network security groups, and security configurations for cloud-native services.

- Configure and monitor security tools such as Azure Monitor, AWS CloudTrail, and AWS GuardDuty for threat detection and compliance.

- Establish and automate processes for continuous compliance and security monitoring.

- Collaborate with DevOps teams to integrate security into CI/CD pipelines.

4. Data Protection and Governance:

- Implement encryption solutions for data at rest and in transit, ensuring secure handling of sensitive data.

- Establish security controls to enforce data sovereignty, retention, and classification requirements.

- Define and implement access control policies for data storage solutions like Azure Blob Storage, AWS S3, and databases.

5. User and Account Management:

- Define secure procedures for managing user and administrator accounts, including periodic access reviews and privilege audits.

- Implement tools for identity governance and administration, ensuring compliance with organizational policies.

- Maintain processes for managing service accounts, API keys, and secrets securely using tools like Azure Key Vault and AWS Secrets Manager.

6. Auditing, Monitoring, and Incident Response:

- Establish real-time monitoring frameworks for cloud platforms using tools like Azure Sentinel, AWS CloudWatch, and SIEM integrations.

- Perform regular vulnerability assessments and collaborate with teams to remediate identified risks.

- Develop and maintain incident response playbooks tailored for cloud-based threats.

- Lead post-incident analyses and implement lessons learned to improve security posture.

7. Governance and Compliance:

- Ensure compliance with international and regional security frameworks such as ISO 27001, GDPR, NIST CSF, and SOC 2.

- Support audits and certifications by providing evidence of security compliance.

- Align cloud security practices with organizational risk management frameworks.

Qualifications and Experience:

Education:

- Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Technology, or a related field.

Experience:

- 10+ years of experience in IT security, with at least 5+ years of direct experience in cloud security (Azure, AWS, or both).

- Proven track record in designing and implementing cloud security policies and configurations.

- Strong knowledge of identity management, network security, and data protection in cloud environments.

Technical Skills:

- Expertise in cloud security services such as Azure Security Center, Azure AD, AWS IAM, AWS Config, and AWS GuardDuty.

- Proficiency with infrastructure-as-code tools (e.g., Terraform, CloudFormation) to enforce security configurations.

- Strong understanding of DevSecOps principles and experience integrating security into DevOps workflows.

- Familiarity with container security tools (e.g., Kubernetes, Docker) and serverless architectures.

- Experience with scripting and automation using tools such as Python, PowerShell, or Bash.

Certifications (Preferred):

- Azure Security Engineer Associate, AWS Certified Security – Specialty.

- CISSP, CISM, or other recognized cybersecurity certifications.

- Knowledge of compliance frameworks such as ISO 27001, NIST, and GDPR.

Key Competencies:

- Strong analytical and problem-solving abilities.

- Excellent verbal and written communication skills to interact with stakeholders across business and technical teams.

- Proactive mindset with the ability to work independently or as part of a team.

- Attention to detail and the ability to prioritize tasks effectively.