Associate Director of Cloud Security Engineering at IHS Markit Digital
Reporting to the global head of cloud security at IHS Markit, you will lead the cloud security engineering function area as a hands-on leader with a primary focus on AWS and VMC, and secondary focus on Azure and GCP. You will be responsible for managing all cloud security engineers and executing on engineering related projects. You will mentor and guide junior members of the cloud security team and partner with stakeholders across information security and other IHS Markit organizations to continually improve IHS Markit’s cloud security posture.
Emphasis will be on the following objectives:
- Mentorship and coaching of all cloud security engineering resources and maintaining partnerships with resources who work with the cloud security engineering resources
- Working with project management resources to commit resources against iterations to deliver security engineering solutions to IHS Markit
- Creating and overseeing the high-quality delivery of security automation for response and remediation of compliance findings and hardening of AWS and VMWare Cloud on AWS (VMC) environments primarily, and Azure or GCP secondarily
- Onboard and overseeing the high-quality delivery of corporate and open-source security tools into build pipelines including SAST, DAST, TVM and anti-virus tools and creating custom tooling where needed to fill in gaps
- Lend your expertise in defining security strategy and design principles for platforms such as Kubernetes, containers, and VDI/DaaS
- Partner with the cybersecurity operations center (CSOC), offensive security operations and threat intelligence teams to improve their cloud security capabilities
- 7+ years of experience in cloud security engineering in either a managerial or team lead position
- Expertise managing product roadmaps or leading the technical delivery of projects – including resource allocation, schedule management and proactively removing blockers
- Thorough understanding of security requirements, best practices and execution in various cloud implementation scenarios: IaaS, PaaS, SaaS
- Deep expertise in scripting language on Windows and Linux-based operations systems. (Python is primarily desired)
- Deep expertise with an infrastructure as code (IAC) tool – CloudFormation and/or Terraform
- DevSecOps expertise with automation technologies for the development of large-scale and highly available CI/CD and security automation using cloud native tools
- Expertise with developing technical controls for major compliance frameworks such as SOC 2, ISO 27001, CSA CCM, NIST 800-53/FedRAMP/ITSG-33, etc.
- Experience working with host-based controls in a large, decentralized environment such as anti-virus/anti-malware, host-based IDS/IPS and digital forensics tools
- Ability to create and aggregate security data engineering pipelines to collect various logs across multiple accounts and environments
- Strong architectural and business analysis knowledge highly desired – able to work with project management resources to define and commit work to an agile iteration
- Network security experience relative to securing VDI/DaaS deployments on AWS (AWS WorkSpaces, AWS AppStream 2.0, AWS Cloud9) is desired
- Security engineering expertise in a secondary public cloud provider: Google Cloud Platform (GCP) or Microsoft Azure
- While not required, experience developing and securing microservices (Kubernetes, Istio/AWS App Mesh, Calico) is highly desired
- An advocate and a mentor – you can teach junior and senior members of the team and are willing to contribute to cloud security thought leadership throughout IHS Markit
- A naturally curious self-starter - you can deliver on requirements with some limited guidance or supervision, as needed by you and the team
- A relentless learner - you actively seek to add to your skillset and knowledge base while challenging the status quo to drive efficiency in the team
- Strong interpersonal skills – you can communicate with a wide range of technical and non-technical teams
- Insist on the highest standards within the team and actively share your perspectives with the team and the larger information security organization
What we offer:
- Access to the most interesting information technologies
- The ability to implement your own ideas and solutions
- Participation in conferences and training for Information Security qualifications
We pride ourselves on our agility and diversity, and we welcome requests to work flexibly. For most roles, flexible hours and/or an element of remote working are usually possible. Please talk to us during the interview about the type of arrangement that is best for you. We will always try to be adaptable wherever we can and in accordance with local and regional practices.
We are over 14,000 analysts, data scientists and specialists armed with real-time technology and data, working together to uncover deeper sources of information. The unique insights we provide help the industries and markets that drive our economies operate more efficiently, outpace competition and secure long-term success. Our global insights impact nearly every major sector - from aerospace to automotive. We empower our customers by isolating cause and effect, risk and opportunity in new ways so they can make well-informed decisions with greater confidence. This is a force we call The New Intelligence.
Boundaries belong on maps, not in your work. Start every day at IHS Markit with the excitement of what’s next, by working with people from across the globe on interesting, cutting-edge projects and gaining once-in-a-lifetime learning experiences. It is easy to be passionate and invested in your work here, knowing you are causing an effect for some of the world’s most influential companies. You’ll get to be hands-on with, and see the direct impact, of your work. Career satisfaction just comes with the territory here.