With the exception of independent contractors, applicants for this role will be engaged through Randstad company. When making this application your details will be automatically shared with Randstad company for registration with them, who may also contact you about other opportunities with other clients.

Philips

Cloud Security Specialist (Freelance)

Posted Mar 22, 2022
Project ID: PHILJP00024869
Location
Best, Brabant
Hours/week
40 hrs/week
Timeline
3 months
Starts: Apr 15, 2022
Ends: Jul 31, 2022
Payrate range
52 - 76 €/hr
Application Deadline: Apr 15, 2022 12:00 AM

In your primary role will be supporting a Cloud project initiative within the Secure Foundation teams within Philips Group Security (GS-IS).
You will be defining the controls relevant for cloud deployments and workloads on topics like storage, perimeter and zoning, API design, microservices, Key vaults, containerization, and Kubernetes services. 

You will define controls for the Philips Security Management framework (SMF) to address weakness and threats within new and existing cloud deployments (IaaS, PaaS and SaaS) and associated processes, provide guidance to stakeholders to remediate or mitigate security weakness present in the cloud services, define security capabilities in the area of zoning, firewalling, system hardening, asset registration, vulnerability management, encryption, cloud-native/Microservices architecture and secure software development. 

Your role is to define security guidance and documentation for various public clouds (Google, Alibaba AWS and Azure) and also helps to improve and develop new design and security strategies across all types of cloud-based applications (including Infrastructure, Platform and Software as a services).

You need to have experience and extensive knowledge on multiple technologies and solutions to the team?s collective skills and expertise to further enhance the ability to provide secure technical design recommendations, creating and updating the existing standards and baselines targeting the delivery of business value through the successful projects and programs delivery. 

The role requires technical expertise in multiple disciplines within Google and Alibaba Cloud, including application security, networking, vulnerability management, perimeter control, lifecycle management, Encryption and Secure development.

Key Area of Responsibility
Key responsibilities include:

  • Follow and understand key technology trends and advancements in security capabilities that pertain to 
    Cloud security & Network Technologies.
  • Perform security architecture maturity assessment to identify weakness within new and existing 
    information technology systems and associated process.
  • Actively lead the creation and updating of Security standards, Baselines, and reference architectures. These reference architectures, Standards and Baselines, will provide direction and guidance on proper compliance with defined standards while ensuring is deploying secure infrastructure Solutions.
  • Responsible for leading Cloud and Network assessments, making decisions on threat modeling and proper security service design and implementation.
  • Communicate and collaborate with cross-functional peers within Secure Foundation and outside the team (Governance and Risk Compliance, GRC) of Information Technology and Cloud Standards and Baselines.
  • Monitor and enhance secure architectures Standards within the SDLC process and Information security risk assessment review session.
  • This role will influence and regular collaborate with GRC and Cloud Architecture teams that influence the creation and maturing of security policies, standards, and reference architectures.
  • Processes deep knowledge on technical architecture spanning across multiple public cloud providers especially on Google and Alibaba Cloud.
     

Knowledge & Skills

  • The ideal candidate must have a minimum 6+ years of expertise in:
  • Developing and updating cloud templates, standards, baselines, and best practices to be used by multiple cloud projects.
  • Strong foundation across Alibaba and Google cloud technology stack and security offerings and the ability to communicate security and risk related concepts including expertise in VPC, Traffic Manager, Cloud Enterprise Network (CEN), Express Connect, Content Delivery Networks (CDN), Elastic Container instances, Service Mesh, Kubernetes, Anti-DDoS, Web Application Firewall (WAF), Security Center, Action Trail, Cloud Config, Key Management Services (KMS), Google Kubernetes Engine (GKE), Security Command Center, Google Cloud Armor, Cloud Firewalls, Secret Manager, Web Security Scanner etc.
  • Good understanding and solution design experience primarily with Google and Alibaba Cloud. Knowledge of additional cloud technology such as AWS & Azure is an added advantage.
  • Standardizing Alibaba and Google Cloud best practices, standards and baselines process and procedures.
  • Building and operating automated security and networking operations.
  • Strong knowledge of industry trends in cloud security technologies and security best practices.
  • Knowledge of privacy regulation (e.g., GDPR) and understanding of how information security needs to comply with those requirements.
  • Experience with defining and building a Security Compliance KPI dashboard 
  • Familiarity with ISO/IEC 27001, ISO/IEC 27017, NIST 800-53 frameworks, OWASP & CIS Benchmarks.
  • Has a bachelor's degree; or other advanced degree is highly desired.
  • Relevant certification: Cloud Security Certified Professional (CSSP), Professional Cloud Security Engineer (Google) and Alibaba Cloud Security (Associate/Professional) etc.

Similar projects

Test Engineer – Scanners, Digital and Computational Pathology (DCP)
5684 PC Best - 40 hrs/week
Senior Systems engineer - MBSE
HTC Eindhoven - 40 hrs/week
NL-RD
5684 PC Best - 40 hrs/week
+ Search all projects