Major Duties and Responsibilities

• Supports the design, implementation, operation, securing and monitoring of WWF’s cloud infrastructure to enable delivery business solutions and services to agreed service levels and ensure solutions and services are accessible on all end-user devices, wherever possible. On an as-needed basis, evaluates, recommends, and justifies appropriate products that support the security of the cloud environment.
• Supports the design, implementation and monitoring of WWF’s Identity and Access Management platform to identify, authenticate and authorise users across distributed and federated sites. Installs, implements, and maintains cloud security services that prevent unauthorised access to services.
• support end-to-end availability and performance of key cloud and infrastructure services and build automation to prevent problem recurrence and automate response to different service conditions.
• Support the consistent adoption and integration of cloud services across the WWF network, optimizing for cost, performance, security and scalability.
• Collaborate with cross-functional teams to define and enforce IAM policies and procedures across the organisation's cloud-based systems and platforms.
• Contributes to strengthening the security posture of the organisation by regularly assessing cloud services configuration baselines, recommending and implementing improvements following clear change management procedures.
• Supports the implementation of a Security Information Event Management SIEM and assures that log collection is functional and relevant. Reduces false-positives and detects security incidents.
• Monitors and analyse security logs and alerts from cloud-based systems and platforms to detect and respond to potential security incidents. Configures where possible the centralisation of logs to SIEM systems.
• Conducts security assessments, through external partners, or by the use of vulnerability scanners. Interprets results, identifies critical vulnerabilities, and either performs or recommends corrective actions to remediate vulnerable systems and applications.
• Develops, implements and recommends cloud security architectures, policies and procedures in line with industry best practices, aligned with NIST, CIS and ISO frameworks.
• Documents all cloud security systems, and mission critical applications.
• Collaborates with cross-functional teams to ensure security requirements are integrated into newly or existing cloud applications, architecture, deployment, and operations.
• Stays up to date with the latest cloud security threats, trends, and technologies, and proactively identify areas for improvement.
• Participate in incident response processes and activities, including investigations, root cause analysis, remediation and lessons learnt.
• Work closely with the cybersecurity teams, and or IT teams from other locations.

PROFILE

Required Qualifications

• Bachelor’s degree in Computer Science, Electrical/Electronic Engineering, Software Engineering, Information Technology, or related disciplines.
• Strong technical knowledge and expertise in administering and securing cloud environments such as Microsoft 365, Azure and AWS.
• Knowledge on programming languages, such as Python, Powershell, is also beneficial.
• 10 years of experience in managing and administering security on cloud base platforms, preferably using Microsoft platforms.
• Experience with cloud security frameworks, such as CIS benchmarks and the Cloud Security Alliance (CSA). Familiarity with security compliance standards and regulations, such as GDPR, PCI DSS and ISO 27001.
• Hands-on experience with security tools and technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), SASE, DLP, SIEM & SOAR solutions, and vulnerability scanning tools. Experience with Microsoft 365 security tools such as Defender, Intune, EntraID and Azure is required.
• Solid understanding of networking concepts, protocols, and technologies related to cloud environments.
• Experience in developing and implementing policies, procedures, and security best practices aligned with NIST, CIS or ISO frameworks. 
• Certifications in cybersecurity and Microsoft are an advantage, such as CISSP, GIAC, Azure Security, AWS or equivalent.
• Prior experience in technology implementation projects in a complex globally federated operating environment.
• Preferred hands-on experience consolidating and/or migrating across diverse technology platforms.
• Strong organizational, documentation, project management skills.
• Proficiency in English is essential. Other languages would be an advantage.