Overview:
*recruiter -* lorena padilla
*position reports to*: quetzalcoatl contreras
*work schedule*: hybrid, going to the office in gdl for 3 days.
The role:
how you would contribute:
- identify and suggest implement security controls to protect the organization's systems and data.
- leverage company resources to make strong proposals regarding new security hardening standards for technology components to meet herbalife security requirements.
- conduct regular security reviews on herbalife platforms and build the dashboard/metric for management review.
- leverage well-known security standards and best practices to provide guide for creating herbalife security policies, standards, procedures, and guidelines.
- identify and maintain up to date the security controls baseline.
- participating in the technology life cycle to identify and mitigate cybersecurity risk and establishing compensating controls if needed.
- monitoring, detecting, and reporting cybersecurity risk and policy deviation and provide recommendation to the risk management team.
- provide technical support, delegation, and technical training to the cybersecurity team to achieve strategic goals.
- analyze systems, threat modeling for new features, identify security vulnerabilities in implementation, and recommend cloud security controls to ensure end-to-end protection.
- support cybersecurity global projects and delivery to all the regions.
What’s special about the team:
the team support the design of secure solutions for business requirements in alignment with herbalife’s technology roadmap. This is a global team with members in multiple countries.
Supervisory responsibilities: n/a.
Job qualifications:
skills and background required to be successful:
- 6+ years of cloud or it experience or equivalent or 6+ years of experience in designing or evaluating enterprise architecture, or 6+ years of experience in a cybersecurity role.
- familiarity with enterprise technologies, enterprise applications, and enterprise architectures.
- general knowledge of networking, operating systems, databases, application development, containers, cloud technologies.
- general experience working with technologies and stacks: build pipelines, frameworks, qa process, etc.
Education:
- bachelor's degree in computer science or related field.
- experience in public cloud (azure, gcp, aws and other public clouds).
- experience assessing and mitigating risks related to public cloud deployment (azure, gcp and other public clouds.
- familiarity with cloud technologies: saas, iaas, paas, others.
- at least two out of the following technical certifications:
- isc2 cissp - mandatory.
- microsoft certified: azure security engineer associate (az-500).
- aws certified security specialty.
- google professional cloud security engineer certification.