Cloud Operations and Security Manager

Who We Are

Kinross is a Canadian-based global senior gold mining company with operations and projects in the United States, Brazil, Mauritania, Chile and Canada. Our focus on delivering value is based on our four core values of Putting People First, Outstanding Corporate Citizenship, High Performance Culture, and Rigorous Financial Discipline. Kinross maintains listings on the Toronto Stock Exchange (symbol:K) and the New York Stock Exchange (symbol:KGC).

Mining responsibly is a priority for Kinross, and we foster a culture that makes responsible mining and operational success inseparable. In 2021, Kinross committed to a greenhouse gas reduction action plan as part of its Climate Change strategy, reached approximately 1 million beneficiaries through its community programs, and recycled 80% of the water used at our sites. We also achieved record high levels of local employment, with 99% of total workforce from within host countries, and advanced inclusion and diversity targets, including instituting a Global Inclusion and Diversity Leadership Council.

Eager to know more about us? Visit Home - Kinross Gold Corporation

The Opportunity

The Cloud SecOps team is currently growing to support the deployment of new and existing cloud systems. The Cloud Operations and Security Manager will lead a team of cloud professionals that are responsible for operating and securing Cloud IaaS and PaaS environments and support the security of SaaS applications in accordance with Kinross standards and security best practices. The primary focus areas of this role are:

1. Managing the operations and the growth of the cloud platforms
2. Supporting the implementation of security controls to protect Kinross systems and data hosted in the cloud
3. Work directly with other IT stakeholders on building new cloud systems or migrating existing On-Prem systems to the cloud  

The Cloud Operations and Security Manager will work standard business hours and will be required to respond to after-hours emergencies as necessary.

What You Will Do

• Managing a team through technical guidance, workload distribution, goal setting, coaching, and learning & development.
• Lead cloud incident resolution, change management, and problem management.
• Generate ideas and provide guidance for continuous improvements.
• Financial management and continuous cost savings.
• Build strong relationships with relevant stakeholders and support business demand  
• Ensure alignment with the Kinross Cloud Strategy and IT Strategy.

SecOps Team Areas of Responsibilities

The cloud SecOps team has a mandate to deliver on the areas highlighted below, a manager is responsible for the success of this team on achieving their objectives.  

Cloud Platform Operations

• Running, maintaining, and managing Kinross’s IaaS, PaaS and SaaS environments with detailed focus on Cloud Security.
• Create and maintain cloud resources including virtual networks, gateways, application services, and storage. Deployment of Servers and configuration of security groups.
• Support the implementation of new cloud initiatives and migration of applications to the cloud platform.
• Support the integration of cloud applications with other systems.
• Document processes and procedures concerning the cloud platforms and cloud deployments.
• Provide support and resolve technical issues related to the cloud platforms.
• Validation & execution of backup tasks and disaster recovery processes.
• Liaise with cloud providers on issues or questions regarding cloud infrastructure.
   

Cloud Security

• Perform Security assessment, evaluate security controls of cloud platforms and cloud deployments.
• Manage user access to SaaS applications deployed at Kinross.
• Implement and manage security controls protecting the cloud systems and build capabilities against future threats.
• Research and analyze the latest capabilities of specific information security (e.g. cloud services, encryption, PKI etc.) and IT technologies (e.g. operating systems, networks, storage, virtualization etc.)
• Monitor deployed cloud resources for performance and security. 
• Document processes and procedures concerning the security of the cloud platforms and cloud deployments. 
   

Education

• Bachelor’s Degree in IT or Computer Science
• One or more of the following certificates will be highly valued:
  • Cloud Security certifications (e.g. CCSP) through (ISC)² or Cloud Security Alliance.
  • Certifications in Azure or AWS

Minimum Experience

• 5+ years of IT team management experience while providing support to production environments.
• 5+ years in Cloud Operations or Administration.
• Experience with supporting web application technologies such as TCP/IP, SSL/TLS, HTTP, DNS, routing, load balancing, etc.
• Experience securing cloud platforms and applications.
• Experience managing & operating Azure IaaS platform
• Experience in cloud SaaS solution management.
• Experience managing Windows Server and Linux-based operating systems.
• Experience managing virtual machines, storage and backup solutions.
• Experience in managing business applications in cloud IaaS or in a traditional On-Prem environment.

Valued Experience

• Experience in APIs (design, authentication, authorization).
• Experience managing other cloud platforms such as AWS, or Google Cloud Platform.
• Experience in Infrastructure as Code solutions.
• Experience in security risk assessments.
• Experience in Azure Active Directory

Skills

• Excellent leadership skills, written and verbal communication and interpersonal skills
• Experience successfully managing external vendors 
• Prior experience in a mid to large tier organization, preferably within global context
• Strong understanding of audit/risk management methodologies and regulatory requirements pertaining to information security, privacy and/or data security
• Ability to manage multiple complex priorities and competing agendas
• Analytical aptitude with an emphasis on investigative, methodical critical questioning and logical thinking; a data-driven decision maker 
• High level of interpersonal skills to interact with leaders at multiple levels and facilitate team interactions
• Experience in IT Security Governance and Policies 
• Demonstrated ability to influence and drive internal and external stakeholders to a decision in a business environment
• Demonstrated ability to work independently, meet tight deadlines and work effectively in a multi-functional, international team environment