Cloud Security Specialist

Cloud Security SpecialistAt CGI, our success comes from the talent and commitment of our professionals. As one team, we share the challenges and rewards that come from growing our company. All of our professionals benefit from the value we collectively build.Be part of something innovative and take control of your future! Are you ready for the responsibility of working with high profile clients in the world’s most exciting sectors? Do you want to take your career to the next level as part of a multifaceted company that gives you a direct stake in its success?Position: Cloud Security SpecialistLocation: Can be situated within proximity of a CGI officeSecurity Clearance: Must be able to obtain at minimum Enhanced Reliability ClearanceYour future duties and responsibilitiesCloud Security Strategy and Implementation:• Develop and implement a comprehensive cloud security strategy in line with industry best practices and regulatory requirements.• Design and deploy security architectures for cloud-based applications and services.• Ensure secure configuration and management of cloud infrastructure (e.g., AWS, Azure, Google Cloud).Risk Assessment and Management:• Conduct regular risk assessments and vulnerability analyses to identify potential security threats to cloud environments.• Implement and maintain security controls to mitigate identified risks and vulnerabilities.• Develop and enforce policies and procedures for cloud security risk management.Security Monitoring and Incident Response:• Monitor cloud environments for security breaches, incidents, and anomalies using security information and event management (SIEM) tools.• Respond to and investigate security incidents, providing timely resolution and mitigation.• Conduct post-incident analysis and develop strategies to prevent future incidents.Compliance and Governance:• Ensure cloud environments comply with relevant security standards, regulations, and frameworks (e.g., ISO 27001, NIST, GDPR, HIPAA).• Develop and maintain documentation for cloud security policies, procedures, and guidelines.• Coordinate with internal and external auditors during security assessments and audits.Collaboration and Training:• Collaborate with IT, DevOps, and development teams to integrate security best practices into cloud infrastructure and applications.• Provide training and guidance to employees on cloud security practices and awareness.• Stay current with the latest cloud security trends, threats, and technologies.Automation and DevSecOps:• Implement security automation tools and scripts to streamline security processes and reduce manual effort.• Integrate security controls into CI/CD pipelines to ensure continuous security throughout the software development lifecycle (SDLC).Identity and Access Management (IAM):• Manage and configure IAM policies and roles to ensure appropriate access controls are in place.• Monitor and audit user access to cloud resources to detect and respond to unauthorized access attempts.Encryption and Data Protection:• Implement encryption mechanisms to protect sensitive data in transit and at rest in cloud environments.• Ensure proper key management practices are followed for cloud-based encryption.Required qualifications to be successful in this role• Bachelor's degree in Information Security, Computer Science, or a related field.• Minimum of 3-5 years of experience in cloud security or a related role.In-depth knowledge of cloud security frameworks and best practices.•Currently have or have the ability to obtain enhanced Reliability Security Clearance or higher ( SECRET).• Experience with cloud platforms such as AWS, Azure, or Google Cloud.Strong understanding of network security, encryption, and identity management in cloud environments.• Proficiency with security monitoring and incident response tools.Relevant certifications (e.g., AWS Certified Security – Specialty, Certified Cloud Security Professional (CCSP), CISSP) are highly desirable.• Excellent problem-solving and analytical skills.Strong communication and collaboration skills.Preferred Skills:• Experience with DevSecOps practices and integrating security into CI/CD pipelines.• Familiarity with infrastructure-as-code (IaC) tools (e.g., Terraform, CloudFormation).• Knowledge of container security and orchestration tools (e.g., Kubernetes, Docker).• Understanding of compliance and regulatory requirements related to cloud security.