
Cybersecurity Infrastructure Governance Director

Aramco Digital | Dammam, Saudi Arabia | Posted: 04 Jul 2024

Financial

  • Estimate: $160k - $220k*
  • Zero income tax location

Accessibility

  • Office Only
  • Visa Provided

Requirements

  • Experience: Senior
  • English: Professional

Position

About the job

The Cybersecurity Infrastructure Governance Director is responsible for leading and overseeing the governance of cloud cybersecurity infrastructure within the organization. The role will ensure compliance with cloud security standards, technical configuration guidelines, and patch management. The Head of Cloud Cybersecurity Infrastructure Governance also oversees application security assurance, manages the cloud posture through Cloud Security Posture Management (CSPM) tools, and plays a critical role in ensuring the security and compliance of the organization's cloud environment.

Responsibilities:

  • Security Compliance: Develop and maintain a security strategy and roadmap, aligning it with the organization's overall cybersecurity strategy and business objectives that cover Cloud, Network, 5G, IoT, IIoT, and AI amongst other enterprise-wide infrastructure security requirements. Develop, review, and enforce infrastructure security policies, standards, and procedures to establish guidelines for secure cloud usage, data protection, access controls, encryption, and incident response. Develop risk mitigation strategies, controls, and remediation measures to address identified risks effectively in the cloud. Collaborate with internal audit teams, external auditors, and regulatory authorities to demonstrate compliance and address audit findings. Monitor and analyze cloud incident and threat intelligence data to identify patterns, trends, and potential risks. Use this information to enhance enterprise infrastructure security controls and proactively mitigate emerging threats.

  • Technical Configuration Compliance: Review enterprise infrastructure architectures, configurations, and deployment models for alignment with industry best practice and with the organization's defined security frameworks, which are aligned to regulatory guidelines. Establish and maintain technical configuration standards for cloud infrastructure components, ensuring adherence to security best practices and industry standards. Oversee the tracking of changes to IT assets, configurations, and settings throughout their lifecycle. Develop configuration hardening measures to reduce the attack surface and mitigate common security vulnerabilities and misconfigurations. Oversee the documentation of security baseline configurations, standard operating procedures (SOPs), and configuration management plans for IT systems and environments.

  • Patch Management: Oversee the development and implementation of patch management processes for enterprise infrastructure (Cloud, Network, 5G, IoT, IIoT, AI, etc.), ensuring timely and effective patching of vulnerabilities to mitigate security risks. Ensure governance of patch management processes to identify, prioritize, test, and deploy security patches and updates for operating systems, software applications, and firmware components of the cloud infrastructure across cloud platforms (distributed edge, HPC, Sovereign). Ensure timely patching of vulnerabilities to mitigate risks.

  • Application Security Assurance: Oversee the implementation of application security controls and assurance processes in the cloud environment, including secure coding practices, vulnerability assessments, penetration testing, and firewall reviews. Define and promote secure coding standards, best practices, and coding guidelines for developers. Oversee the team that performs static code analysis and dynamic application security testing to identify security vulnerabilities, code-level weaknesses, and runtime errors in software applications, and guide the team in leveraging automated testing tools to assess application security. Define secure configuration management practices for application servers, web servers, databases, and middleware components.

  • Cloud Security Posture Management (CSPM): Implement and manage Infrastructure Security Posture Management tools to continuously monitor and assess the security posture of the organization's Cloud, Network, 5G, IoT, IIoT, AI, and other infrastructure. Prioritize and remediate security vulnerabilities, configuration errors, and non-compliant settings to reduce risk exposure and strengthen the security posture of the cloud. Define security baselines and configuration profiles for cloud services and resources, including virtual machines, containers, databases, and storage buckets. Guide the team on utilizing cloud-native automation tools, scripts, and APIs to automate remediation actions and enforce security controls. Coordinate and participate in cloud security audits and assessments to evaluate the effectiveness of security controls, identify gaps, and recommend remediation actions.

Minimum qualifications:

  • Bachelor’s or master’s degree in computer science, information technology, cybersecurity, or a related field required.
  • At least 15 years of experience working in cybersecurity, with proven experience in cloud security governance, technical configuration, compliance, and incident response. At least 4-5 years of experience in leading Cloud, Network, 5G, IoT, IIoT, and AI security for a mid- to large-size organization, and proven experience in conducting cloud security assessments. Professional certifications in cloud security, such as CCSP (Certified Cloud Security Professional) or CCSK (Certificate of Cloud Security Knowledge), are highly desirable.


About Aramco Digital

Aramco Digital is the digital and technology subsidiary of Saudi Aramco. Committed to driving digital transformation and technological innovation across various sectors, Aramco Digital aims to create a thriving national digital ecosystem and spearhead AI and digital innovation worldwide.