Talent.com
Cloud Security Consultant

Cloud Security Consultant

ArctiqNashville, TN, US
5 days ago
Job type
  • Full-time
Job description

Job Description

Job Description

Salary : Company Overview :

Arctiq is a leader in professional IT services and managed services across three core Centers of Excellence : Enterprise Security, Modern Infrastructure and Platform Engineering. Renowned for our ability to architect intelligence, we connect, protect, and transform organizations, empowering them to thrive in today's digital landscape. Arctiq builds on decades of industry expertise and a customer-centric ethos to deliver exceptional value to clients across diverse industries.

Position Overview

We are looking for a highly skilled and motivated Cloud Security Consultant to join our team. In this role, you will be a key contributor in defining, architecting, and implementing cloud security best practices for our clients. You will be responsible for helping customers secure their cloud environments, implement zero-trust architectures, and integrate robust application security controls into their DevOps pipelines.

Role Responsibilities

  • Guide end-to-end client involvement, covering opportunity identification, proposal processes, architecture and design, and project delivery following industry best practices.
  • Act as a subject matter expert for securely developing applications and deploying them into cloud environments.
  • Lead clients towards industry best practices in cloud security, including WAF, IAM, hardening, load balancing, and zero trust.
  • Collaborate with client development teams to implement application security practices (separation of duties, etc.) and technologies (such as SCA / SAST / SBOM) across the Software Development Life Cycle (SDLC).
  • Develop innovative solutions, architectures, proof of concepts, demo / lab environments, and compelling business cases for application and cloud security.
  • Work closely with the Project Management Office (PMO) to provide visibility into project delivery scope, timelines, and expectations. Ensure the delivery of high-quality projects on time and within budget.
  • Collaborate with Partner and Marketing teams to develop content, including sales collateral, blog posts, podcasts, and live workshops. Present at company and partner events, contributing to thought leadership in the industry.
  • Provide mentorship and coaching to junior team members, fostering professional development. Actively participate in professional associations, industry events, and community engagements, contributing intellectual property (IP) development.
  • Keep abreast of industry trends and technology developments by maintaining partner certifications and actively participating in technology events.
  • Develop and lead the vision for building and scaling a modern cloud security practice.

How will you stand out?

  • Lead and perform comprehensive cloud security assessments, focusing on governance, Identity and Access Management (IAM), network security, and data protection.
  • Design and implement Zero Trust Network Access (ZTNA) solutions, with a focus on platforms like Cloudflare Zero Trust.
  • Advise and guide customers on Application Security (AppSec) best practices, including the implementation of quality gates and security scanning tools (e.g., Wiz Cloud, Snyk, Checkmarx, SonarQube) within CI / CD pipelines.
  • Knowledge of SCA, SAST, DAST, IAST, RASP tools for meticulous source code and application security and vulnerability analysis.
  • Knowledge of CNAPP concepts and seamless integration within AWS, GCP, Azure environments.
  • Knowledge of container and Kubernetes hardening, emphasizing security best practices.
  • Knowledge of secure coding practices and the ability to review and provide guidance on application code for security vulnerabilities.
  • Capable of conducting security code reviews to identify complex security issues that automated tools might miss.
  • Experience in integrating security seamlessly into SDLC CI / CD pipelines for automated checks and validations.
  • Proficiency in conducting threat modeling exercises to identify and mitigate potential security threats early in the development process.
  • Implementation of secure logging practices with observability tools for proactive threat detection.
  • Ability to create and maintain comprehensive security documentation, including requirements and guidelines.
  • Proactive promoter of a security-first mindset, advocating robust security within the DevOps culture.
  • Enthusiastic about Application and Cloud Security, staying abreast of industry advancements and driving improvements.

    • What will you bring to the role?

  • Over 5 years of hands-on experience in technical infrastructure (cloud and on-premise), encompassing systems design, deployment, maintenance, and troubleshooting.
  • Over 2 years of experience with provisioning infrastructure through IAC (preferably Terraform) and cloud automation principles
  • Demonstrated and applied experience in establishing and delivering complex projects, showcasing a track record of successful implementations.
  • Experienced in configuring, deploying, and maintaining containers and related orchestration platforms, including Docker, Kubernetes, OCP, GKE, and AKS.
  • Proficient use of SCM tools such as Git, GitHub, and GitLab for efficient version control and collaborative development.
  • Experience with automation and configuration management solutions, utilizing tools like Ansible, Terraform, Octopus Deploy, AWS Config, and Azure Automation & Control.
  • Experience in secrets management solutions like KMS, HSMs, Hashicorp Vault
  • Proven experience in cloud security, with a strong understanding of major cloud platforms (AWS, Azure, GCP).
  • Hands-on experience with cloud security assessments and compliance frameworks.
  • Expertise in Zero Trust architectures and solutions.
  • Deep knowledge of Application Security (AppSec) principles and security scanning tools.
  • Experience in a professional services or consulting practice, with the ability to multitask and engage with multiple clients simultaneously.
  • Strong communication and client-facing skills, with the ability to translate complex technical concepts into clear business value.

    • Desired Certifications :

  • Preference will be given to those applications who have some of the following, general cyber security certifications may also be considered.
  • SAST tools (Snyk, Checkmarx, GitHub Advanced Security)
  • CNAPP tools (Lacework, Aqua, SysDig)
  • Public Cloud Professional Certifications (Azure, AWS, GCP)
  • CNCF Kubernetes Certification (CKA, CKS)
    • Create a job alert for this search

    Cloud Consultant • Nashville, TN, US