Sr. Consultant, Info Security, App, Data, Cloud Security

Job Purpose and Impact

• The Senior Professional, Application Data & Cloud Security job designs, implements and oversees security measures across development, security and operations, software as a service or platform as a service and multi-cloud environments. With minimal supervision, this job ensures the integrity, confidentiality and availability of data and applications, thereby supporting the organization's overall security posture and compliance with industry standards.

Key Accountabilities

• SECURITY FRAMEWORKS: Designs and implements development, security and operations tools and processes as well as multi-cloud control capabilities to improve security posture across the organization.
• SECURITY CONTROLS: Designs and operates software as a service or platform as a service security controls to protect applications and data in cloud environments.
• DATA MANAGEMENT: Leads data lineage, data protection and flow controls to ensure secure data handling and compliance with regulations.
• CYBERSECURITY DELIVERY: Leads cybersecurity delivery to safeguard enterprise resource planning systems and associated data, assessing and suggesting preparation for potential risks.
• PERFORMANCE MONITORING: Leads performance monitoring to assess security measure's effectiveness and efficiency and recommend areas for improvement.
• DATA PRIVACY FUNCTIONS: Engages with the data privacy function during incidents to ensure compliance and mitigate risks.
• QUALITY ASSURANCE TESTING: Performs complex quality assurance testing and proposes continuous improvements to security processes and tools.
• PERFORMANCE METRICS: Quantifies, prepares and communicates business and functional performance against objectives, ensuring alignment with organizational goals and security standards.
• COLLABORATION: Cooperates with cybersecurity peers, data privacy partners, external experts, industry consortia, and other internal and external teams to maintain effective and efficient data protection fundamentals and deliver business objectives.

Qualifications

• Minimum requirement of 4 years of relevant work experience. Typically reflects 5 years or more of relevant experience.

  Required Qualifications:

  • 5+ years of experience in software development, DevOps, and/or application security roles.

  • Proven hands-on experience with Python (Flask) and front-end development using React.js.

  • Solid understanding of AWS and its security services (IAM, KMS, Security Hub, etc.).

  • Strong knowledge of Terraform, Ansible, and CI/CD pipelines.

  • Deep understanding of AppSec fundamentals, including OWASP Top 10, secure design patterns, and code-level defenses.

  • Experience implementing or managing security tools such as Checkmarx, SonarQube, Snyk, Wiz, or GitGuardian.

  • Demonstrated ability to work cross-functionally with engineering, DevOps, and cloud teams.

  Preferred Qualifications:

  • Experience securing containerized applications (Docker, Kubernetes, EKS).

  • Security certifications like OSCP, CSSLP, AWS Security Specialty, or CISSP.

  • Experience leading security initiatives or mentoring junior engineers.

  • Familiarity with compliance frameworks (SOC2, ISO 27001, etc.) as they relate to secure software development.