Reporting to the global head of cloud security at IHS Markit, your work will focus primarily on AWS with a secondary focus on VMC, Azure and/or GCP as needed. You will mentor and guide junior members of the cloud security team and partner with stakeholders across information security and other IHS Markit organizations to deliver solutions that harden IHS Markit’s cloud security posture.
Emphasis will be on the following objectives:
· Creating security automation for response and remediation of compliance findings and hardening of AWS and VMWare Cloud on AWS (VMC) environments primarily, and Azure or GCP secondarily
· Onboard corporate and open-source security tools into build pipelines including SAST, DAST, TVM and anti-virus tools using Cloud native and open-source tooling and create custom tooling where needed to fill in gaps
· Partner with the cybersecurity operations center (CSOC), offensive security operations and threat intelligence teams to onboard new services for the purpose of detection and predication of events
· 0 – 2 years of experience of cloud security engineering on AWS
· Basic understanding of security requirements, best practices and execution in various cloud implementation scenarios: IaaS, PaaS, SaaS
· Basic understanding of Lockheed Martin’s Kill Chain or MITRE ATT&CK
· Basic understanding and exposure to automation using scripts and CI/CD pipelines with cloud native or open-source technologies
· Basic experience with a scripting language such as Bash or Python
· Basic understanding of Windows and Linux platforms in the lens of investigations, configuration management and patch management
· Knowledge of Google Cloud Platform (GCP) or Microsoft Azure security concepts in a secondary capacity is strongly desired, but not required
· A naturally curious self-starter - you can deliver on requirements with some limited guidance or supervision, as needed by you and the team
· A relentless learner - you actively seek to add to your skillset and knowledge base while challenging the status quo to drive efficiency in the team
· Strong interpersonal skills – you can communicate with a wide range of technical and non-technical teams
· Insist on the highest standards within the team and actively share your perspectives with the team and the larger information security organization
What we offer:
· Access to the most interesting information technologies
· The ability to implement your own ideas and solutions
· Participation in conferences and training for Information Security qualifications
We pride ourselves on our agility and diversity, and we welcome requests to work flexibly. For most roles, flexible hours and/or an element of remote working are usually possible. Please talk to us during the interview about the type of arrangement that is best for you. We will always try to be adaptable wherever we can and in accordance with local and regional practices.
We are over 14,000 analysts, data scientists and specialists armed with real-time technology and data, working together to uncover deeper sources of information. The unique insights we provide help the industries and markets that drive our economies operate more efficiently, outpace competition and secure long-term success. Our global insights impact nearly every major sector - from aerospace to automotive. We empower our customers by isolating cause and effect, risk and opportunity in new ways so they can make well-informed decisions with greater confidence. This is a force we call The New Intelligence.
Boundaries belong on maps, not in your work. Start every day at IHS Markit with the excitement of what’s next, by working with people from across the globe on interesting, cutting-edge projects and gaining once-in-a-lifetime learning experiences. It is easy to be passionate and invested in your work here, knowing you are causing an effect for some of the world’s most influential companies. You’ll get to be hands-on with, and see the direct impact, of your work. Career satisfaction just comes with the territory here.