Job Description

SUMMARY About tsworks: tsworks is a leading technology innovator, providing transformative products and services designed for the digital-first world. Our mission is to provide domain expertise, innovative solutions and thought leadership to drive exceptional user and customer experiences. Demonstrating this commitment , we have a proven track record of championing digital transformation for industries such as Banking, Travel and Hospitality, and Retail (including e-commerce and omnichannel), as well as Distribution and Supply Chain, delivering impactful solutions that drive efficiency and growth. We take pride in fostering a workplace where your skills, ideas, and attitude shape meaningful customer engagements. Cloud Security & Compliance Specialist We are looking for an experienced Security & Compliance Specialist to oversee the organization's Cloud Security, ISO certifications, SOC 2 compliance, security audits, and governance. The candidate will ensure end-to-end security across cloud infrastructure, applications, and data, conducting penetration testing, IT risk assessments, and security monitoring while managing security tools and compliance frameworks. Requirements Responsibilities Oversee security for Azure Entra ID, AWS IAM, and Google IAM with a focus on identity security. Enforce multi-cloud security best practices, including encryption and data protection. Define and implement Zero Trust Architecture and secure cloud network segmentation. Establish and maintain IT security policies and standards aligned with industry best practices. Implement and manage CSPM and CWPP tools to enhance cloud security posture. Manage ISO 27001, ISO 42001, and SOC 2 certifications, ensuring compliance through audits. Conduct risk assessments and compliance reviews across multi-cloud environments. Ensure adherence to cloud security frameworks (ISO 27017, ISO 27018, CIS, NIST, CSA CCM). Drive security initiatives through GRC frameworks and governance models. Define and enhance IT security policies, conducting periodic audits for compliance and risk mitigation. Perform penetration testing and cloud-native security assessments, identifying misconfigurations and vulnerabilities. Integrate DevSecOps within CI/CD pipelines to fortify security in development workflows. Manage SIEM solutions (Azure Sentinel, Defender for Cloud) for real-time threat detection. Oversee Microsoft security tools (M365 Defender, Intune, SCCM) for endpoint security. Investigate security incidents, perform root cause analysis, and implement preventive measures. Automate security processes using Power Automate, Power BI, and scripting Secure cloud networking (Azure VNet, AWS VPC, GCP VPC) and enforce VPN & hybrid security. Implement Zero Trust principles and strengthen Identity & Access Management (IAM). Key Attributes and Qualifications 5+ years of experience in cybersecurity, compliance, or cloud security roles, with expertise in automating security workflows and managing multi-cloud security environments. Expertise in Cloud Security (Azure, AWS, GCP) and Microsoft Security Stack with hands-on experience in SIEM, SOAR, EDR/XDR, CASB, CSPM, and vulnerability management. Preferred certifications include ISO/IEC 27001:2022 Lead Auditor, ISO/IEC 42001:2023 Lead Auditor, SOC 2 Compliance Certification, Security Operations Analyst (SC-200), Microsoft Certified: Cybersecurity Architect Expert (SC-100), AWS Certified Security Specialty, and Azure Security Engineer Associate (AZ - 500). Strong understanding of Threat Intelligence, Risk Management, Compliance Audits, DevSecOps, Infrastructure as Code (IaC), and container security (Kubernetes, Docker, EKS, AKS, GKE). Experience securing API gateways, microservices, and serverless architectures while integrating security into CI/CD pipelines. Proven ability in security policy design, audits, compliance processes, penetration testing, vulnerability assessments, and cloud security governance.