1.844.822.0541

info@nexusgroup.ca

Nexus Systems Group

by

Senior Information Security Cloud Consultant

Story Behind the Need:
We are looking for a Senior Information Security Cloud Consultant to perform Threat Modelling of Identity and Access Management platform (Auth0), and other cloud platforms and SaaS solutions. The contractor will provide guidance to business lines to ensure that the design, development and implementation of projects and initiatives are in accordance with the Bank’s Information Security Standards and in compliance with industry regulations.

Typical Day in Role:
• You will be leading information security risk assessments and advise on risk mitigations for complex projects delivering innovative financial solutions
• You have working experience in risk assessment, creating Threat Risk Assessment (TRA) reports and data classification, and have worked with Penetration testing reports
• You are proficient in reviewing Architecture and Solution Design documentation and can identify and assess potential risks
• You are knowledgeable in security architecture principles in multiple security domains (cloud security, application security, data protection, network security, Identity and Access Management, security engineering, security governance)
• You like conducting research on the latest security technologies and standards, and learning about the threat and vulnerability landscape
• You are passionate about new cloud technologies and enjoy the challenges of implementing security controls to protect them
• You enjoy collaboration with multiple stakeholders and are comfortable working in a fast-paced environment, managing multiple projects in an agile way

Candidate Requirements/Must-Have skills:
1. Experience with Threat Modeling (SD Elements)
2. Knowledge of GCP and/or Azure Cloud Architecture
3. Understanding how to architect Cloud Native solutions
4. Strong knowledge of IAM
5. Knowledge of application security principles and controls
6. Data security and data encryption
7. Network security
8. Knowledge of GKE concepts and security controls
9. Experience with risk assessments
10. Security certification CISSP and/or CCSP, as well as GCP and/or Azure

Nice to Have Skills:
• Industry recognized security certification(s) (CISSP, CISM, CCSP)
• Certifications from major cloud providers (Google, Microsoft or AWS)
• Previous experience in large banks or corporations.
• Knowledge and/or hand-on experience of Cloud Security controls and/or Cloud Engineering (GCP and/or Azure)
• Knowledge of CI/CD pipelines

Soft Skills (Requirement):
• Excellent written, presentation, and verbal communication skills to be able to work well with technical peers and business stakeholders at different levels within the organization
• Ability to analyze complex situations and problems and do the necessary research using multiple sources of information to arrive at innovative solutions
• Ability to work as part of a team, as well as work independently or with minimal direction
• Good time management and organizational skills to effectively manage high scale projects.
• Problem resolution skills

Education/Experience:
• Minimum Bachelor’s degree in Computer Science or in a related field