Cocolevio - Security Architect - iAM/PAM

Responsibilities :

• Design and implement comprehensive security architectures for on-premises, cloud, and hybrid environments.
• Develop security policies, standards, and procedures to ensure compliance with industry best practices and regulatory requirements.
• Evaluate and recommend security technologies and solutions to address evolving threats.
• Lead the design and implementation of security controls for applications, systems, and networks.
• Conduct security risk assessments and vulnerability analyses to identify potential threats and weaknesses.
• Develop and implement risk mitigation strategies and remediation plans.
• Perform security audits and compliance reviews.
• Provide guidance on security best practices and risk management principles.
• Design and implement security controls for cloud platforms (AWS, Azure, GCP).
• Ensure secure configuration of cloud services and resources.
• Implement cloud security monitoring and logging solutions.
• Develop and maintain cloud security policies and procedures.
• Design and implement encryption solutions for data at rest and in transit.
• Evaluate and recommend encryption technologies and key management systems.
• Ensure compliance with data protection regulations and standards.
• Implement data loss prevention (DLP) strategies.
• Design and implement IAM solutions, including authentication, authorization, and access control.
• Develop and maintain IAM policies and procedures.
• Integrate IAM systems with applications and services.
• Implement privileged access management (PAM) solutions.
• Design and implement security controls for APIs, including authentication, authorization, and rate limiting.
• Perform API security testing and vulnerability assessments.
• Develop and maintain API security policies and procedures.
• Participate in incident response activities and provide technical expertise.
• Develop and maintain incident response plans and procedures.
• Collaborate with security operations teams to monitor and respond to security events.
• Communicate security risks and solutions effectively to both technical and non-technical stakeholders.
• Collaborate with cross-functional teams, including developers, system administrators, and business units.
• Provide security training and awareness programs.
• Document security architectures, policies, and procedures.
• Stay up-to-date with the latest security threats, technologies, and best practices.
• Research and evaluate new security solutions and methodologies.
• Drive continuous improvement of security processes and procedures.

Technical Skills & Qualifications :

• 10 years of experience in security architecture and related fields.
• Deep understanding of security principles, frameworks, and best practices.
• Extensive experience with cloud security (AWS, Azure, GCP).
• Strong knowledge of encryption technologies and key management systems.
• Expertise in identity and access management (IAM) and privileged access management (PAM).
• Experience with API security and web application security.
• Proficiency in risk management and security assessment methodologies.
• Strong understanding of network security, operating systems, and application security.
• Experience with security tools and technologies (SIEM, vulnerability scanners, penetration testing tools).
• Excellent communication and presentation skills.
• Strong problem-solving and analytical skills.
• Ability to work independently and as part of a team.

)