Wiz Cloud Security

Detailed description of work task to be carried out

Responsibilities and Scope of Work

The purpose of this role is to build and operationalize governance around the Wiz.io Cloud Security Platform and to define a structured Cloud Security Incident Response (CSIR) process in Bank.

The role is project-focused and emphasizes setting standards, processes, and operating models rather than day-to-day tactical security operations.

 

The person will be responsible for:

Defining how Wiz is used across Bank's organization, including ownership models, risk categorization, severity definitions, remediation workflows, and SLAs. 
Making sure Wiz findings are transformed into governed, repeatable processes that enable consistent handling of cloud security risks across Azure, AWS, and GCP, with Google as the primary platform. 
 

A key responsibility is designing a cloud-specific incident response framework that incorporates Wiz findings into security operations. This includes defining what constitutes a cloud security incident, how Wiz signals feed into SIEM tools, and how incidents are escalated, investigated, and resolved. The role will supports alignment with SOC processes and enables automation through SOAR tools such as XSOAR where appropriate.

It’s expected that person hired will produces clear governance documentation, incident response playbooks, and operational procedures that allow the Wiz platform and CSIR processes to scale beyond the project lifecycle. 

Strong communication with international stakeholders is essential, as the role acts as a bridge between cloud engineering, security operations, and governance teams.

 

Must-have knowledge and experience

Must-Have Knowledge and Criteria
• Hands-on experience with Wiz.io, including building workflows, prioritization models, and governance around findings
• Strong Cloud Security expertise, with GCP as the primary cloud platform
• Proven experience designing or supporting security governance, risk management, or incident response processes
• Practical knowledge of SIEM platforms (Microsoft Sentinel, Splunk, CrowdStrike NG SIEM)
• Familiarity with SOAR concepts and tooling (e.g. XSOAR) and response automation
• Strong security foundations confirmed by certifications
• Excellent documentation and communication skills
• English proficiency at C1 level

 

Nice-to-have knowledge and experience

•You have ability to prepare clear and meaningful reports
• You are accustomed to work in international enterprise work environment
• You have professional communication and presentation skills
• You speak and write English at excellent level.