IT Security Manager providing operational leadership for ICBC’s IT security program. Enhancing cyber security practices and managing security initiatives in a dynamic, hybrid cloud environment.
About the role
- Cloud Security & Application Security Engineer at Cellulant enhancing security across cloud-native platforms and applications. Working in a hybrid role to support a leading payment service provider in Africa.
Responsibilities
- Architect, deploy, and maintain cloud-native security controls across AWS environments
- Implement and optimize CSPM, CIEM, CWPP, CDP, and container security tools
- Define/Enhance secure cloud patterns for compute, network, storage, IAM, secrets management, and multi-account strategies
- Build/enhance and enforce least-privilege IAM policies, service roles, and credential lifecycle management
- Support cloud hardening (OS-level and service-level), encryption, key management (KMS), and network segmentation
- Perform threat modeling, secure code reviews, architecture reviews, and security assessments across multiple codebases
- Partner with engineering teams to continually embed security into SDLC, CI/CD pipelines, and DevSecOps workflows
- Secure APIs, microservices, backend services, and distributed systems using best practices and industry frameworks
- Enhance secure coding standards, patterns, and reusable security modules
- Support API security design, testing, and governance across internal and external integrations
- Perform security reviews for REST, event-driven, and payment-processing APIs
- Ensure strong authentication (OAuth2, OIDC, mTLS) and secure token design
- Harden and secure workloads, containers, and orchestration platforms (Docker, Kubernetes)
- Review/enhance runtime detection & response (EDR/XDR) for cloud-native environments
- Ensure secure configurations, kernel-level protections, logging, and monitoring
- Automate cloud and application security tasks using Python, Bash, Terraform, CloudFormation and/or CI/CD workflows
- Develop automated guardrails, policy-as-code, and security-as-code pipelines
- Support the SOC team to develop and maintain security detection rules, alerts, and response playbooks
- Perform deep technical investigation of cloud, application, and API security incidents
- Collaborate with the SOC team to improve signals, automate responses, and reduce MTTD and MTTR
- Ensure alignment with PSP security requirements including PCI DSS and BFSI-grade controls
- Support security testing, continuous monitoring, and continuous assurance for payment platforms
- Partner with the Infosec GRC team during audits, pentests, and regulatory assessments
- Advise product, engineering, and DevOps teams on secure architectures and design choices
- Provide training and champion a “secure-by-default” engineering culture
- Operate as a senior technical security expert without direct managerial responsibilities
Requirements
- 6+ years experience in information security, with at least 4+ years focused on cloud and application security
- Strong hands-on expertise with AWS (preferred)
- Deep experience securing Linux-based cloud workloads
- Strong understanding of: API security architectures, Microservices and container ecosystems, CI/CD pipelines, DevSecOps principles, Infrastructure as code (Terraform, CloudFormation), Security as code
- Practical experience remediating vulnerabilities identified through SAST/SCA/DAST/container scanning tools
- Strong programming or scripting skills (Python, Bash, or Go preferred)
- Experience with Kubernetes, container hardening, and runtime security solutions
- Prior work in fintech, PSPs, BFSI, or other high-compliance environments is highly desirable, but not mandatory.
Benefits
- Generous personal time off
- Medical and life insurance benefits (markets permitting)
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Security Officer ensuring safety and security of Yankee Candle assets and personnel. Responsiblities include monitoring, patrols, incident response, and safety training at the corporate campus.
Senior Specialist in Information Security Governance, Risk & Compliance at Cellulant, driving information security, privacy, and compliance standards within BFSI context.
IT Audit Consultant joining Baker Tilly to manage technology risks for clients, offering strategic advice and audit support. Engaging with client executives to ensure compliance and operational efficacy.
Senior Health and Safety Advisor overseeing health and safety on construction projects for Aecon. Ensuring compliance with SST legislation and promoting zero accident culture.
Senior Information Security Specialist executing Daikin Europe’s Information Security strategy. Collaborating with leadership to ensure our systems and services remain secure and compliant with regulations.
Experienced Information Security Officer at Daikin responsible for defining Information Security strategy and ensuring compliance with regulatory frameworks. Collaborating with external specialists and mentoring junior team members in EMEA.
Industrial Security Specialist conducting daily security functions and providing technical support within Booz Allen. Focused on protecting company and government assets while handling classified materials.
Security Specialist ensuring the protection of company and government assets. Conducting daily security functions and providing technical support while maintaining compliance with regulations.
Cyber Security Architect at Booz Allen supporting program management of cybersecurity tools suite and Zero Trust Architecture roadmap. Lead technical efforts in modern security practices and team collaboration.