Job Description
This role owns and drives all security and operating‑model concerns raised by strategic enterprise customers for Icertis Cloud Infrastructure (ICI).
The Role Acts As The Single Accountable Owner For
- Cloud security posture in customer‑owned Azure environments
- Deviation management (e.g., non‑domain‑joined VMSS)
- Operating‑model alignment (patching, monitoring, CI/CD, access)
- Evidence, visibility, and executive decision support
The role exists to remove friction, ambiguity, and rework in large‑customer security engagements by converting repeated questions into clear positions, guardrails, and auditable programs.
Responsibilities
- Strategic Customer Security Ownership (Primary)
- Own end‑to‑end security conversations for strategic customers
- Act as the single-threaded owner across Cloud Ops, DevOps, CPS, Engineering, and Compliance
- Translate customer security standards into implementable, testable, and supportable models
- Ensure consistent positions across decks, calls, audits, and escalations
- Cloud Infrastructure & Operating Model Alignment
- Own customer discussions around:
- VMSS vs VM security equivalence
- Non‑domain‑joined deployments
- Image‑based enforcement, identity lifecycle, drift handling
- Lead definition and validation of:
- Patching lifecycle and visibility
- Monitoring and telemetry alignment (MDE, Sentinel, customer tools)
- Support and escalation RACI in customer‑owned subscriptions
- Drive clarity on what Icertis owns vs what the customer owns
- Deviation, Risk & Exception Management
- Own formal risk narratives for deviations from customer standards (e.g., domain‑join semantics, tooling assumptions)
- Coordinate executive‑level risk acceptance with customer CSO teams
- Ensure deviations are:
- Explicitly documented
- Guard‑railed
- Time‑bound
- Supported by equivalent security outcomes
- Change Management & Control Governance
- Own structured approaches for:
- GPO change management
- Emergency vs planned enforcement
- Impact assessment and rollback logic
- Ensure every change has:
- Clear ownership
- Defined timelines
- Evidence and traceability
- CI/CD, Deployment & Tooling Alignment
- Own customer security posture for:
- Git runners / CI‑CD execution models
- Private Link vs DMZ‑based execution
- Network allow‑listing and proxy constraints
- Ensure deployment models remain:
- Secure
- Auditable
- Scalable across future releases (not bespoke per customer)
- Evidence, Visibility & Audit Readiness
- Own the evidence model for strategic customers:
- Patch visibility
- Scan outputs (SAST, SCA, VAPT)
- Image lineage and deployment traceability
- Convert ad‑hoc evidence requests into repeatable, system‑driven artifacts
- Support audits without creating parallel operational processes
Qualifications
Core
- Deep understanding of Azure infrastructure security and operating models
- Experience operating in customer‑owned cloud environments
- Strong grasp of:
- VMSS / image‑based security models
- Patch management and visibility
- Monitoring, telemetry, and SOC integrations
- Ability to reason about security equivalence, not just control checklists
Program & Stakeholder Leadership
- Proven ability to lead high‑noise, high‑scrutiny customer engagements
- Comfortable engaging CSO / architecture review boards
- Strong documentation and narrative skills for:
- Risk acceptance
- Decision points
- Executive summaries
Preferred Qualifications
- Azure Security certifications
- Experience with large regulated enterprises (telecom, finance, government)
- Prior ownership of customer‑specific cloud security operating models
Key Competencies
- Ownership mindset (this is my problem end‑to‑end)
- Structured thinking under ambiguity
- Ability to reduce repeated questions into durable answers
- Calm, credible presence in customer security forums
Experience
- 10–15 years in Cloud / Security / Infrastructure roles
- 5+ years owning security programs with direct enterprise customer exposure
