Description :

- Lead the design, implementation, and optimization of Cloud-based DevSecOps processes, tools, and security measures in Azure and multi-Cloud environments, ensuring the secure, efficient, and reliable delivery of products.

- Collaborate closely with Cloud Security Architects, SecOps teams, and other stakeholders to define security objectives and implement solutions that align with both business goals and functional requirements.

- Champion security integration throughout the development lifecycle by embedding security best practices, compliance standards (e.g., CIS, NIST, GDPR, ISO, CSA CCM), and risk management procedures within the Cloud environment.

- Drive the development, testing, and deployment of security-as-code across various Public Cloud platforms, Containerized environments, and CI/CD pipelines, leveraging Cloud-native tools and services.

- Ensure strict compliance with industry-standard security frameworks and regulatory controls, guiding teams through their adoption and implementation in Cloud environments.

- Advise Cloud Architects and engineering teams on design decisions that balance security, scalability, and maintainability, ensuring secure and robust architecture for Cloud services and CI/CD pipelines.

- Facilitate the integration of Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Dynamic Application Security Testing (DAST) into development pipelines, advocating secure coding practices.

- Foster a culture of continuous improvement, cross-functional collaboration, and knowledge sharing across technical and business teams to advance Cloud security initiatives.

- Lead efforts to remediate security vulnerabilities in Cloud infrastructure and applications, providing guidance on the resolution of identified risks.

- Continuously evaluate and integrate new technologies and industry best practices to improve the organization's Cloud security posture and maintain compliance with evolving security standards.

- Design and implement solutions for Cloud-based Key Management Services (KMS) integration with various tools and applications to ensure secure data management.

- Leverage automation to enforce security and compliance policies throughout the development lifecycle, integrating them within CI/CD processes.

- Proactively monitor and refine the security posture of the organizations Cloud environments using Cloud-native tools, security guardrails, and continuous monitoring practices.