Risk Assurance - Digital Trust (Cloud Trust) - Cloud and Cyber Security - Manager/ Senior Manager

Risk Assurance - Digital Trust (Cloud Trust) - Cloud and Cyber Security - Manager/ Senior Manager

PricewaterhouseCoopers GHRS Pte Ltd
Not Specified
Not Specified

Job Description


We believe that challenges are better solved together. That's why you'll join a diverse, global community of solvers - an unexpected mix of people that come together to build trust in society and solve important problems. With us, you are encouraged to lead with your heart and values, and where your unique skills are developed and put to work in unexpected and exciting ways, superpowered by technology.

Do you want to grow your professional career as a leader in a dynamic team working at the forefront of Cloud and Cyber Security We have openings in our rapidly growing Cloud Trust team, which operates across multiple technology and business domains and a range of high-profile clients in this fast-growing market. In this role, you will have an opportunity to lead the growth and development of the team as we build on our position as a market leader. At the same time, you'll be supported by our senior leadership to develop and enhance your career as a leader in the field of cloud and cyber security.
Responsibilities:
As a Cloud Trust Manager / Senior Manager, you will be leading teams to advise our clients in managing cyber security risk and compliance across a range of leading cloud services by leveraging a broad range of technical, security, risk, and compliance expertise. You will:
  • Be a subject matter expert on cloud and cyber security risk, with significant experience with one or more leading cloud platforms in the IaaS (AWS, Azure, GCP, AliCloud, Huawei Cloud) or SaaS (Office 365, Google Workspace, Salesforce) space.
  • Lead discussions with business and technology stakeholders to help develop and refine their cloud strategy, in order to streamline their cloud journey and enable a secure and compliant cloud environment.
  • Build trusted client relationships, advise and assist in the selection and tailoring of suitable approaches, controls, methodologies, and tools to drive secure and compliant cloud adoption.
  • Work with Partners and/or Directors to identify new business opportunities, drive proposals, prepare and deliver client presentations, and convert opportunities into long-term client engagements.
  • Develop sustainable client relationships across industries and sectors such as financial services, technology, telecommunications, and government/public sector.
  • Lead the design, development, and assessment of cloud technology architecture (networks, operating systems, databases, middleware, applications, etc.) and the associated security architecture (e.g., XDR, SIEM, SOAR, Cryptographic solutions, IDAM, etc.).
  • Support our clients on their cloud transformation journeys by helping them design and build secure and compliant cloud solutions. You'll be leveraging various industry standards and frameworks (e.g., CSA CSM, NIST CSF, ISO 27001, CIS), regulatory guidelines (e.g. MAS TRM, OSPAR, MTCS, SOC 2, ABS Cloud Guidelines, etc.), and PwC's Cloud Trust Framework.
  • Advise clients on designing more effective, efficient cloud security operations capabilities across a range of areas such as identity and access management, incident response, cryptographic key management, backup & recovery, third-party risk management, and others.
  • Work with clients to develop/enhance their Dev(Sec)Ops capabilities to build scalable, robust, high performing, fault tolerant, and secure software solutions using CI/CD (Continuous Integration Continuous Delivery) toolsets and automation.
  • Advise and/or engineer cloud orchestration and automation in cloud environments using tools such as Terraform, Ansible, and Puppet.
  • Lead and mentor your team, including providing on-the-job coaching, knowledge sharing, and being able to draw on subject matter specialist knowledge accordingly.
  • Share leading practices amongst the business and technology community, publish whitepapers and thought leadership articles, and participate in industry events.

Requirements and Attributes:
  • At least 5 (five) years of experience working in one or more of the following disciplines: cyber security, technology risk management, cloud/IT advisory and implementation, cloud or security software product development, security operations, or IT regulatory compliance. The seniority of the candidate is commensurate with years of relevant experience and skillset.
  • Good interpersonal and communication skills and significant experience in project management, business analysis, and secure software development life cycle (SDLC) management.
  • Demonstrated knowledge and experience working across a diverse range of technology domains (see below)
  • Degree and/or Diploma in Computer Science, Computer Engineering, Information Technology and/or a related quantitative field from a reputable university or institution.
  • Professional certification(s) in one or more areas of cloud, cyber security, technology risk management, IT audit, or architecture such as CISSP, CRISC, CISM, CCSP, CISA, CCSK, CCAK, TOGAF, etc.
  • Associate level certification (Professional level preferred) in cloud technologies for one or more cloud (IaaS, PaaS, and SaaS) service providers like AWS, Azure, GCP, AliCloud, or Huawei Cloud.

It is preferred for candidates to have broad exposure to a range of diverse technology, security concepts, tools, and methodologies, with some specific areas of focus/expertise. These may include:
  • Amazon AWS, and services such as EC2, S3, RDS, R53, AWS Direct Connect.
  • Microsoft Azure, and services such as VM, SQL DB, Blob Storage, Azure ExpressRoute
  • Google Cloud Platform, and services such as GCE, Cloud SQL, Google Cloud Dedicated Interconnect.
  • Identity and Access Management (IAM) and Privileged Access Management (PAM)
  • Application Security frameworks and standards such as OWASP
  • Security Operation
  • Logging and monitoring, and SIEM suites/associated tools
  • Networking (hardware, software, routing, firewalls, VPC, SASE)
  • Operating Systems (Windows, UNIX, Linux)
  • Containerization (Kubernetes/K8, Docker)
  • Application Management such as Elastic Beanstalk, App Engine.
  • Database / Data Warehouse such as SQL, NoSQL, Columnar, Graph.
  • Encryption and Cryptographic Key-Management
  • High Availability architecture, data backup and recovery
  • DevSecOps, CI/CD (Continuous Integration Continuous Deployment), and associated tools such as Terraform, Jenkins, Ansible, Chef, Puppet, Salt stack, etc.
  • DevSecOps Automation tools such as Boto3, Lambda, Azure Functions, Google Functions, Python, JSON.
  • Knowledge around programming or scripting languages such as Python, Node.js.

Please refer to our website to know more about us, and feel free to reach out to us if you have any questions.

Job Details

Similar Jobs

People Also Considered

Career Advice to Find Better

Simple body text this will replace with orginal content