COFCO International Company Profile

Senior Cloud Security Engineer at COFCO International (Barcelona, Spain)

About the Employer

Job Description

JOB PURPOSE Working as the subject matter expert in cloud security you will be responsible for defining and implementing the technology needed to meet the security policy requirements defined by our CISO. The ideal candidate will be experienced with Azure security tools, he/she will be able to write custom queries in Azure Log Analytics systems to monitor and alert on security events and incidents. Working closely with cloud and systems engineers you will define and template the system hardening based on Azure Desired State Configuration to ensure all newly deployed systems meet the required security standards. You will participate in testing new technologies and performing Proof of Concepts to help define the right tools for the job. This is a hands-on job where you will be expected to work independently defining the right technology for the job and configuring it aligned with the company security policies. KEY RESPONSIBILITIES  Work closely with the CISO and cloud engineers to implement security controls and technologies in our cloud environment. Responsible for designing security dashboards based on Azure OMS (Log Analytics) technology. Analyze and correlate infrastructure and system logs in order to identify anomalies and security risks. Work with cloud and systems engineers in the system hardening. Provide security risk assessment on all cloud systems and produce reports to meet security KPIs Responsible for the creation, maintenance, and management of cloud security design and their lower level components consistent with security policies. Research industry standards and best practices in cloud security technologies in order to advise other areas within IT. Participate in the sign off on architectural designs and lead the delivery of security aspects of solutions that meet information security standards and policies.   Provide input to the security measures and controls directly on the architectural security standards globally. Identify and recommend areas appropriate for further study and participates in any Proof of Concept projects required to thoroughly investigate secure architectural possibilities and strengthen arguments for their adoption. Identify implementation risks and analyses the potential impact on the enterprise. Recommend and participate in the design and implementation of standards, tools, and methodologies.   Participate in the review of security components of supplier RFI and RFQ responses and review of supplier SOW. Perform peer reviews of security specifications with engineering, security teams and global IT. Support development of security validation strategies Verify that compliance requirements are met with information security policies, standards & controls. Coach and mentor IT teams on security implementations on the cloud.  EXPERIENCE REQUIRED Minimum bachelor’s degree in either mathematics, physics, engineering or IT. Experience with Microsoft Azure security tools. Experience with Keyword Query Language (KQL), writing queries and creating dashboards and reports. Knowledgeable in logs correlation and implementation of SIEM systems. Experience with Windows and Linux systems hardening. Experience with Azure Desired State Configuration. Knowledge of WAF and network security technologies Demonstrable experience of working in similar roles and organizations Detailed knowledge of ITIL V3 Cyber Security related qualification(s) such as CISSP, CISM, CREST Technical Security Architect. Takes initiative, self-motivated and willing to take on responsibility for solution delivery  Can communicate clearly and precisely at multiple levels, including key stakeholders and team members as necessary. Ability to contribute to problem-solving activities and can identify practical/pragmatic solutions