The Cloud Vulnerability Detection, Response, and Remediation Subject Matter Expert (SME) is responsible for leading efforts to identify, assess, and remediate vulnerabilities across cloud environments. This role involves proactive threat detection, incident response, and collaboration with cloud engineering and security teams to ensure the security and compliance of cloud infrastructure and services.
-
Lead cloud vulnerability management initiatives across AWS, Azure, and GCP environments.
- Conduct regular vulnerability scans and assessments using cloud-native and third-party tools (e.g., AWS Inspector, Azure Security Center, Prisma Cloud).
- Analyze scan results and prioritize remediation based on risk and impact.
- Collaborate with cloud engineering and DevOps teams to implement security patches and configuration changes.
- Monitor cloud environments for indicators of compromise and anomalous activity.
- Respond to cloud security incidents and provide expert guidance on containment and remediation.
- Develop and maintain cloud security policies, procedures, and playbooks.
- Ensure compliance with cloud security standards such as CIS Benchmarks, NIST, ISO 27001, and regulatory requirements.
- Provide regular reporting on cloud vulnerability trends and remediation status.
- Stay current with emerging cloud threats, vulnerabilities, and security technologies.
-
Bachelor’s degree in Computer Science, Information Security, or related field.
- 5+ years of experience in cloud security, vulnerability management, or incident response.
- Strong understanding of cloud architectures and services (AWS, Azure, GCP).
- Hands-on experience with cloud security tools and platforms (e.g., AWS Inspector, Azure Defender, Prisma Cloud)
- Experience with SIEM and cloud monitoring tools (e.g., Splunk, Azure Sentinel, AWS CloudTrail).
- Relevant certifications such as AWS Certified Security, Azure Security Engineer, CISSP, or CCSP.
- Excellent analytical, communication, and problem-solving skills.
- Experience with container security and orchestration platforms (e.g., Kubernetes, Docker).
- Knowledge of cloud compliance frameworks and audit processes.
- Familiarity with automation tools (e.g., Terraform, Ansible) for cloud security operations.
- Understanding of cloud identity and access management (IAM) best practices.
- ServiceNow Certified System Administrator (CSA) or Certified Implementation Specialist (CIS).
- ITIL Foundation certification.
- Experience with other ITSM tools and platforms.
We are a specialist professional services and technology firm, working in partnership with leading insurance, highly regulated and global businesses.
We help our clients to manage risk, operate their core business processes, transform and grow. We deliver professional services and technology solutions across the risk and insurance value chain, including excellence in claims, underwriting, distribution, regulation & risk, customer experience, human capital, digital transformation & change management.
Our global team of more than 8,000 professionals operate across ten countries, including the UK & the U.S. Over the past ten years Davies has grown its annual revenues more than 20-fold, investing heavily in research & development, innovation & automation, colleague development, and client service. Today the group serves more than 1,500 insurance, financial services, public sector, and other highly regulated clients.
