Skip to main content

Cloud Information Security Advisor

  • Job Family: Cyber Security
  • Type: Full time
  • Date Posted:
  • Req #: PS69497

Location:

  • GA, Atlanta

Share:

Description

Title : Cloud Information Security Advisor

Location : This is a work from home employment opportunity.

Develops strategic and tactical plans for a comprehensive enterprise-wide information security program. Leads the development of policies, technical standards, guidelines, procedures, and other elements of an infrastructure necessary to support information security in compliance with established company policies, regulatory requirements, and generally accepted information security controls. 

As a Cloud Security Executive Advisor you will combine your strong cloud background OR diverse experience within cloud platform and application security to provide cloud systems security solutions expertise in an advisory capacity. Strong understanding of cloud security requirements in regulated industry. Preferred hands-on experience with cloud technology AWS, GCP, Azure.

Apply Cloud Security Alliance (CSA) and Cloud Controls Matrix (CCM) to help establish, validate and monitor Cloud Security Controls, deliver security guidance and consults, and share input considerations that can evolve security compliance, adherence to technical requirements methodology, program capabilities and focused maturity.

Primary duties may include, but are not limited to:

  • Cloud services provisioning within the enterprises with proper administration, management, validation and oversight

  • Security baselines and guidance are integrated into business awareness and requirements

  • Compliance models for hybrid multi-tenant and multi-cloud provider environments

  • Data protected at rest and in transit as a standard

  • Support consistent Cloud IAM strategy, implementation and remediation oversight

  • Incident Response Rapid identification of incidents and recovering from Cloud breaches

  • Accountable for measuring adherence, risks and growing effective partnerships with peer teams and stakeholders to drive secure design, implementation and orchestration of complex, multi-product security solutions for enterprise cloud systems

  • Participate in architecture and security control reviews as part of the program lifecycle

  • Document and communicate where automatic provisioning of native cloud services, business application systems and adherence monitoring are and are not governed and controlled by security automation, standards, roles and policies

  • Help accelerate shift to Cybersecurity ‘Prevention and Detection’ in the support of architecture designs and planning for information and network security technologies

  • Provide technical guidance and support to business and technology associates in adherence assessments and implementation of appropriate information security procedures, standards and technologies

  • Maintain security mitigation and remediation plans; represent major upgrades and business system replacements in change control

  • Design & engineer prescriptive templates, repeatable technical solutions based on business requirements and defined technology standards; develops support procedures and performance metrics reports

  • Provide technical security guidance and leadership to technologists within the organization

  • Propose opportunities to improve security outcomes and reduce risks based on targeted or continuous assessments

  • Routinely act as a subject matter expert among peers, managers and senior management

  • Develop reports supporting adherence to prescribed standards, security absolutes and risk-based measures for Cloud Security Governance

  • Leads development of an information security risk management program that includes business, regulatory, industry practices and technical environment considerations;

  • Establishes strategic vendor relationships for security products and services;

  • Develops enterprise-wide security incident response plans and strategies that includes integration with business, compliance, privacy, and legal constituents and requirements;

  • Creates presentations and seeks IT and business management approval and acceptance of significant replacements or reconfigurations of major security technologies serving the Enterprise.

  • Provides technical guidance and leadership to the technical engineers within the organization.

Minimum Qualifications

  • Requires BS/BA in Information Technology or related field of study and a minimum of 10 years experience in systems administration and security aspects of information systems, access management and network security technologies, network communications, computer networking, telecommunications, systems development and management, hardware, software, data, and people; experience with multiple technical and business disciplines required; or any combination of education and experience, which would provide an equivalent background.

  • 2+ years of technical security tooling in commercial cloud environments OR Diverse experience within Platform security and applications experience to enable native cloud solutions

  • 2+ years of configurations in cloud platforms and expertise of AWS security stack e.g. CloudTrail, CloudWatch, GuardDuty, Shield Advanced, IAM policies

  • Minimum 2 years of experience supporting any cloud environment with multifactor authentication, Container Security technologies and CASB

Preferred Skills, Experiences and Competencies

  • Broad-based experience to plan and design highly complex systems is strongly preferred.

  • Expert knowledge and understanding of industry-accepted data processing controls and concepts strongly preferred as applied to Security

  • Experience or substantial knowledge in supporting competencies in cloud security standards and controls

  • Strong working knowledge and technical support experience in application development lifecycle, DevOps CI, DevOps CD or DevOps/CICD

  • Experience and working knowledge of application security testing, specifically SCA, SAST, DAST and Manual Penetration Testing

  • Technical security training and experience in any of the following cloud provider services – AWS, Azure, Google Cloud

  • Security Certifications: CISSP preferred, CCSP and other advanced technical security certifications (e.g. Information Systems Security Architecture Professional, Information Systems Security Engineering Professional, Certification and Accreditation or equivalent certifications); any level of training on Amazon Web Services (AWS), Cloud Security Alliance (CSA) Controls Matrix and CIS benchmarks

  • Demonstrate knowledge of security best practices, policies and standards to design highly secure public and private cloud architectures that support application services in-scope of HIPAA, PII and PCI regulations

  • Consultative presentations and guidance engagements with technology teams, business application owners and technology partners

  • Agile or SAFe Agile team experience for complex deliverables in matrixed environments 


Please be advised that Elevance Health only accepts resumes from agencies that have a signed agreement with Elevance Health. Accordingly, Elevance Health is not obligated to pay referral fees to any agency that is not a party to an agreement with Elevance Health. Thus, any unsolicited resumes, including those submitted to hiring managers, are deemed to be the property of Elevance Health.

Be part of an Extraordinary Team

Elevance Health is a health company dedicated to improving lives and communities – and making healthcare simpler. Previously known as Anthem, Inc., we have evolved into a company focused on whole health and updated our name to better reflect the direction the company is heading.

We are looking for leaders at all levels of the organization who are passionate about making an impact on our members and the communities we serve. You will thrive in a complex and collaborative environment where you take action and ownership to solve problems and lead change. Do you want to be part of a larger purpose and an evolving, high-performance culture that empowers you to make an impact?

We offer a range of market-competitive total rewards that include merit increases, paid holidays, Paid Time Off, and incentive bonus programs (unless covered by a collective bargaining agreement), medical, dental, vision, short and long term disability benefits, 401(k) +match, stock purchase plan, life insurance, wellness programs and financial education resources, to name a few.

The health of our associates and communities is a top priority for Elevance Health. We require all new candidates to become vaccinated against COVID-19. If you are not vaccinated, your offer will be rescinded unless you provide – and Elevance Health approves – a valid religious or medical explanation as to why you are not able to get vaccinated that Elevance Health is able to reasonably accommodate. Elevance Health will also follow all relevant federal, state and local laws.

Elevance Health has been named as a Fortune Great Place To Work in 2021, is ranked as one of the 2021 World’s Most Admired Companies among health insurers by Fortune magazine, and a Top 20 Fortune 500 Companies on Diversity and Inclusion. To learn more about our company and apply, please visit us at careers.ElevanceHealthinc.com. Elevance Health is an Equal Employment Opportunity employer and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or condition protected by applicable federal, state, or local laws. Applicants who require accommodation to participate in the job application process may contact ability@icareerhelp.com for assistance.

Apply Now