The Cybersecurity Specialist (Cloud and Application Security) is responsible for supporting the organization's cybersecurity strategy and program by implementing security architectures, policies, and procedures focused on cloud and application security. This role will help mitigate risks, ensure compliance, and support digital transformation initiatives.

Roles and Responsibilities

• Develop and implement cybersecurity policies, standards, and procedures related to cloud and application security.

• Monitor, analyze, and respond to security threats and incidents in cloud and application environments.

• Perform security assessments and audits for cloud services and applications to identify vulnerabilities and recommend remediation actions.

• Provide security expertise and guidance for digital transformation projects with a focus on cloud and application security.

• Conduct root cause analysis for security incidents and recommend proactive solutions.

• Implement and manage security controls for cloud infrastructure, applications, and related assets.

• Support security breach response efforts, advising management and key stakeholders.

• Manage and operate security tools, including SIEM, MDR, and cloud security platforms.

• Ensure compliance with industry security standards and regulations, such as ISO 2700x, NIST, COBIT, PCI-DSS, PIPEDA, and PHIPA.

Qualifications and Skills

• Strong knowledge of cloud security best practices, identity and access management (IAM), and application security principles.

• Experience with security monitoring and threat detection for cloud environments.

• Knowledge of cybersecurity frameworks such as Zero Trust Architecture and ISF Standards of Good Practice for Information Security.

• Hands-on experience with security incident response and digital forensics in cloud environments.

• Strong communication and collaboration skills to work effectively with cross-functional teams.

Education

• Bachelor's degree in Computer Science, Information Technology, or a related field.

• Relevant industry certifications such as CISSP, CISA, CRISC, or SABSA.

• Cloud security certifications (e.g., AWS Certified Security, Microsoft Certified: Azure Security Engineer Associate) are highly desirable.

Nice-to-Haves

• Experience with DevSecOps practices and security automation.

• Familiarity with container security and microservices architecture

Benefits

• Hybrid work environment offering flexibility and work-life balance.

• Professional development and certification support.

• Competitive salary and comprehensive benefits package.