Firewall Governance Cloud Governance & Risk Analyst

Role: Firewall Governance Cloud Governance & Risk Analyst Location: Cary, NC (Currently remote) Duration: Full Time About the role The Firewall Governance team is embedded in the TDI CSO CTO organization and ensures that the bank-wide firewall infrastructure and related connectivity requests and changes are securely managed and respective policies and controls are in place. This team provides the following services to the global Client franchise:

• Google Cloud Platform VPC Firewall Risk Governance
• Google Cloud Platform VPC Service Control Review
• Technical Architecture Reviews of Network Components
• Risk-Assessing Network Interfaces and Network Zoning Diagrams
• Firewall Governance Security and Risk Analyses

• Conduct risk reviews of Google Cloud Platform VPC firewall policies requests
• Review and analyze the Google Cloud Platform VPC Service control policies
• Validate the requested connectivity as per Bank standards, policies, and architecture.
• Assessment of high and medium category risks for approval / rejection.
• Providing approvals for requests post assessment.
• Sending back request to approvers with rationale and recommendations.
• Regularly review and provide suggestions to amend firewall governance relevant policies, controls, and procedures together with multiple stakeholders, with a focus on Cloud Security.
• Supporting the Bank's transition from the tactical to strategic Google Cloud Platform Firewall Governance.
• Analyze user services/APIs which are supported by VPC Service Controls
• Hands on DevOps engineering
• KOP/KOD creation and maintenance, with focus on Cloud technologies and best practices.
• Implement and Manage Governance Framework, including Cloud Security best practices.
• In the pursuit of continuous improvement, evaluate new tools and technologies for the process optimization.

• The candidate should have 10+ years of experience with min 3+ years of operations team handling experience.
• Familiarity with Cloud Security Engineering, Network and System terminology. Experience in data networking is a plus.
• Hands-on experience managing and provisioning the cloud solution infrastructure
• Analyze and optimize technical and business processes
• Experience in Terraform, Palo Alto Prisma Cloud and Sentinel.
• Familiarity with Google Cloud Platform (Google Cloud Platform).
• A solid understanding of risk assessment, regulatory standards, vulnerability etc.
• Should be able to work independently with little supervision in a global and fast speed environment
• Preferred to have experience or familiarity in web application firewall.
• Should be highly organized and can drive multiple tasks or initiatives
• Excellent communication and interpersonal skills

• Google Cloud Platform VPC networking and firewall concepts
• Cloud Architect level certification
• Fundamentals of Terraform and GitHub

• Degree from an accredited college or university in Computer Science or equivalent.
• Cloud Associate level certification is preferrable
• CISSP certification, CCSP certification or similar certification is beneficial