Cloud Security & Compliance Officer

To own and execute the cloud security and compliance posture across Huawei and AWS production environments, ensuring continuous protection and regulatory compliance of the Cardholder Data Environment (CDE). This role acts as the technical implementer of security controls while also bridging the security and operations teams to ensure cloud operations, processes, and configurations consistently adhere to internal policies and external regulatory requirements, particularly PCI DSS, with a strong focus on governance, risk management, and audit evidence.

Implement and manage cloud security policies, standards, and baselines. Enforce security controls using native tools (AWS Security Hub, Huawei Cloud SIS) and third‑party solutions.

Translate PCI DSS control requirements into actionable operational tasks for the cloud engineering teams. Deliver compliance training and awareness to the operations staff.

Conduct regular vulnerability scans and coordinate remediation. Monitor and investigate security events from WAF, SIEM, and cloud‑native tools. Manage WAF rules and Security Group/NSG policies.

Maintain the risk register for the cloud environment. Work with the team to assess and remediate compliance‑related risks.

Govern the IAM framework, ensuring least privilege. Conduct periodic access reviews and certification for both AWS IAM and Huawei Cloud IAM.

Serve as the primary cloud security subject matter expert for PCI DSS audits. Ensure configuration compliance (e.g., using AWS Config and Huawei Cloud RMS). Manage the encryption key lifecycle using AWS KMS and Huawei Cloud KMS.

Manage and operate compliance monitoring tools (e.g., AWS Config, Huawei Cloud RMS, Scuba) to detect drift from PCI DSS baselines. Generate weekly compliance reports and dashboards for management.

Audit operational processes (change management, incident response, access reviews) to ensure they meet compliance requirements. Collect and curate evidence for internal and external audits. Validate that L1/L2 support runbooks and SOPs are compliant.

• 3-5 years of experience in cloud security, compliance, audit, or risk management role with expertise in AWS and at least one other major cloud provider (Huawei Cloud strongly preferred).
• Deep knowledge of PCI DSS v4.0 requirements and their implementation in cloud environments.
• Hands‑on experience with cloud security tools (CSPM, CWPP, SIEM, EASM).
• Expert‑level knowledge of IAM, KMS, and network security in the cloud.
• One or more professional certifications: CISSP, CCSP, AWS Certified Security – Specialty, or equivalent.
• Certification such as PCI Professional (PCIP), CISA, or CRISC is highly desirable.
• Experience with HSM (Hardware Security Module) lifecycle management and integration.
• Knowledge of VISA VCX security requirements.
• Familiarity with security frameworks like NIST, ISO 27001.

Be careful - Don’t provide your bank or credit card details when applying for jobs. Don't transfer any money or complete suspicious online surveys. If you see something suspicious, report this job ad.