Technology Consulting-Cloud Security Architect-Manager

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

Job Summary

Title: Cloud Security Manager

We are seeking a highly skilled Cloud Security Manager with extensive experience in securing cloud environments across AWS, Azure, and GCP. The ideal candidate will have a strong background in cloud security architecture, governance, risk management, and compliance (GRC), ensuring the security of cloud-based applications, data, and infrastructure.

The Cloud Security Manager will work closely with security, IT, and engineering teams to define and implement security best practices, policies, and frameworks, aligning with industry standards and regulatory compliance requirements.

Key Responsibilities

Cloud Security Strategy And Architecture

• Design, implement, and manage security controls across AWS, Azure, and GCP environments.
• Define cloud security strategies, security reference architectures, and best practices.
• Conduct risk assessments and threat modelling for cloud-based applications and services.
• Implement Identity and Access Management (IAM), Zero Trust Architecture (good to have), and least privilege access controls.
• Oversee cloud network security, encryption, key management, and data protection mechanisms.

Compliance & Governance

• Ensure compliance with industry standards and regulations such as ISO 27001, NIST, CIS, PCI DSS, HIPAA, GDPR, and SOC 2.
• Develop, implement, and monitor cloud security policies, procedures, and controls.
• Collaborate with legal, audit, and compliance teams to ensure regulatory adherence.
• Conduct cloud security assessments and audits to identify gaps and drive remediation.

Cybersecurity & Risk Management

• Identify, assess, and mitigate cloud security risks and vulnerabilities.
• Implement cloud-native security tools such as AWS Security Hub, Azure Defender, Google Security Command Center, etc.
• Develop and enforce incident response and security monitoring processes for cloud environments.
• Work with SOC teams to integrate SIEM, threat intelligence, and security automation (SOAR) solutions.
• Manage cloud security posture management (CSPM) and cloud workload protection platform (CWPP) solutions.

DevSecOps & Security Automation

• Integrate security into CI/CD pipelines to ensure secure application development.
• Automate security testing using SAST, DAST, and IaC security scanning tools.
• Work with DevOps teams to enforce secure coding practices and cloud security configurations.

Team Leadership & Collaboration

• Lead and mentor security engineers, analysts, and cloud teams in security best practices.
• Collaborate with cross-functional teams to embed security into cloud development and operations.
• Conduct security awareness training for development, operations, and business teams.

Required Qualifications & Skills

Technical Skills

• Strong expertise in AWS, Azure, and GCP security services (IAM, KMS, Security Groups, VPC, Azure Defender, Google SCC, etc.).
• In-depth knowledge of cloud security architecture, network security, and workload protection.
• Experience with security frameworks (NIST, CIS, ISO 27001) and regulatory compliance.
• Hands-on experience with SIEM, SOAR, CSPM, CWPP, and Endpoint Security solutions.
• Expertise in Identity & Access Management (IAM), Privileged Access Management (PAM), and Multi-Factor Authentication (MFA).
• Knowledge of DevSecOps, Infrastructure as Code (IaC) security, and security automation.
• Handon experience in developing project related technical documents, reports, artefacts, policy/procedure documents etc.

Certifications (Preferred but not mandatory)

• CISSP (Certified Information Systems Security Professional)
• CCSP (Certified Cloud Security Professional)
• AWS Certified Security – Specialty
• Microsoft Certified: Cybersecurity Architect Expert
• Google Professional Cloud Security Engineer
• CISA, CISM, or CRISC (for compliance and risk management expertise)

Soft Skills

• Strong leadership and stakeholder management abilities.
• Excellent problem-solving, analytical, and decision-making skills.
• Ability to work in a fast-paced and evolving cloud security landscape.
• Consulting experience in a client facing environment is a must
• Travel to MENA region for project delivery

EY | Building a better working world 

 
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.  

 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.  

 
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.