Head of Cloud Security & Compliance
Within the team around Secure Public Cloud Services, we are accountable for strategizing, design, implement and support the group-wide Public Cloud Services Portfolio of IT Services. Hereby the value of security is well recognized through its reflection in the name.
To support our teams, we are looking for you to overall direct and steer the Cloud Security & Compliance team across our major Cloud Platforms – Microsoft Azure & Google Cloud - as well as in our Service Portfolio. Hereby an open minded, cloud native and agile thinking towards resolution of problems is key, but always keeping our customer and colleagues in the center of the solution.
Your work will be essential to protect DPDHL group’s information assets in a dynamic threat landscape by secure design.
- Own and direct the overall Cloud Security & Compliance approach for the ITS Secure Public Cloud Services Portfolio in an agile manner.
- Own and maintain the contractual agreements to IT Services' Public Cloud Providers (MS & Google) to reflect requirements in regards to Security, Data Privacy & Compliance
- Set direction and ensure implementation of platform wide Identity & Access Management approach for the strategic Public Cloud Platforms
- Support and consult ITS Info Sec team to design, monitor and enforce platform-wide policies, when it comes to Security and Compliance aspects.
- Consult on platform-wide Network Design to ensure cloud native approach to network security
- Align and Collaborate with ITS InfoSec on cloud security monitoring, management & forensics processes, tools and guidelines for the security and ease of use of the DPDHL cloud workloads
- Support cloud security & compliance audits with the accountability to drive remediation of findings; direct cloud workload audits to ensure workload compliance and consult and support to remediate audit findings on workload level
- Support and consult ITS InfoSec Team on Cloud Platform security documentation and processes.
- Own and drive the overall cloud security and compliance knowledgebase as a critical knowledge backbone for future cloud adoption, incl. definition of guidelines and outlining of best practices.
- On ITS cloud services level - act as a source of knowledge for all SPCS colleagues to support in Cloud Security & compliance related questions and take accountability for entire SPCS Security Concept Documentation.
- For divisional cloud workloads: act as an SME to support adoption of Secure Public Cloud Services within the group, meeting all Security, Data Privacy and compliance related requirements.
- Ensure continuous improvement on all relevant cloud security and compliance related aspects on the Secure Public Cloud Services Portfolio.
- Master's degree in informatics, computer science, information systems or equivalent
- 10 years of experience in Corporate IT, at least 5 years of it within an IT Security, Data Protection or IT compliance focused position
- In-depth knowledge of Public Cloud Platforms (Microsoft Azure & Google Cloud), ideally proven by respective certifications
- CISSP / CISM or CCSK / CCAK or other security focused certifications would be a benefit
- Proven personal network into DPDHL Security Community (Group CISO, divisional CISO, ITS InfoSec Team, Corporate Data Protection, IT Legal) and inside the Security Industry.
- Advanced verbal and written communication skills with the ability to articulate complex ideas in easy to understand business terms to senior leaders
- Agile mindset and track record on agile projects required
- Skills in critical thinking and problem-solving methods
- Strong team player with good relationship management skills
- Perseverance and the ability to get things done even in the face of organizational or technical challenges
- Excellent moderation in dealings with different specialist departments / IT stakeholders and managers, with an good skill to present complex technical concept to targeted audience
- Solution-oriented with a healthy attitude of Can-do, expertise, passion and Right 1st Time
- Ability to work independently in a globally distributed team
Zahlen und Fakten
DHL Information Services (Asia-Pacific) Sdn. Bhd.
„Die Deutsche Post DHL bietet mir Sicherheit, die Chance mich weiterzuentwickeln und die Möglichkeit, in fast jedem Land der Welt zu arbeiten.“
Aktueller Mitarbeiter – Senior Consultant in Bonn