Serve as the Cloud Workload Protection Platform (CWPP) expert, ensuring all cloud-hosted assets, including virtual machines, containers, and clusters, are onboarded, secured, monitored, and properly configured under the CWPP framework.
Develop onboarding scripts (Bash, Python, API) to automate deployments to the cloud workload protection platform.
Assist with vulnerability scanning, detection, response, threat hunting and investigation related to our cloud assets.
Assist with generating compliance and inventory reports (Servers, Cloud Assets, Accounts, Container registries, Kubernetes Clusters) from our Cloud Workload Protection platform.
Install, configure, and maintain the cloud-based security applications, using documentation and assistance from vendor support as required.
Maintain operational documentation required for the support of the solutions.
Ensure all planned changes are managed using Change Management best practices.
Ensure compliance with CGI Global Security standards.
Monitoring, Incident Reporting
Monitor events and detections and act on findings across all workloads on Azure, AWS and GCP, including the Kubernetes platform, and work with cloud/Kubernetes admins to resolve issues.
Monitor the cloud-based security platform for indicators of misconfiguration (IOMs).
Troubleshooting and Incident Resolution
Troubleshoot, determine root cause, and provide corrective action in a timely manner for cloud security solution incidents.
Work with cloud/Kubernetes/application SMEs and internal and external service providers to resolve incidents.
Ensure lessons learned through root cause analysis and troubleshooting are documented.