Cloud Security Delivery Lead

Job Description:

Must-have skills for this role: CPSM SME, Microsoft Defender for Cloud CSPM, Prisma Cloud CSPM

Cloud Security

Drive reduction of month over month misconfiguration rates

Identify and improve efficacy of remediations for cloud native technologies

Auto-scan workloads for vulnerabilities, audit IAM for least privilege, and manage privileged access.

Manage Cloud IAM roles, privileged identities and client secrets

Continuously monitor cloud-native security, analyze logs in real time, correlate alerts, provide recommendations for remediation actions performed by Cloud infrastructure support teams

Utilize scanning outputs cloud workloads, prioritize risks, and provide recommendations on hardening and patching

Audit IAM, detect access risks, manage privileges, and enforce MFA

Cloud Security Posture Management

Leverage compliance controls framework to standardize secure design and build of cloud workloads and remediate any configuration drifts identified

Leverage Prisma Cloud for continuous, real-time discovery and inventory of all cloud resources across Azure, AWS & OCI

Improve policies and rules for identification of misconfigurations across cloud resources

Leverage insights via compliance reports and dashboards to improve the efficacy of secure design principles

Ensure regulatory compliance in alignment with Halliburton's security policies using Cloud Security Posture Management (CSPM).

Monitor, prioritize, & analyze cloud alerts & incidents related to configuration changes and network issues.

Provide remediation, least privilege, and data exposure guidance from CSPM findings

Provide insights via reporting on configuration drifts, risks and compliance gaps of the security of the cloud environment per agreed frequency

Maintain and monitor Cloud Security Posture Management (CSPM) capability across cloud environments

Monitor and enforce CSPM compliance policies according to the applicable industry standards and Halliburton s security requirements

Review and investigate alerts from CSPM w.r.t data security, entitlement management, vulnerabilities, or misconfigurations

Evaluation of resources for misconfigurations, vulnerabilities, infrastructure entitlement, data security posture, and company policy violations that require remediation