After working in cybersecurity for over 10 years, mostly in governance, risk, and compliance (GRC) consultancy roles, I’ve built a strong knowledge in policy, control frameworks, and risk management. During that time, I’ve picked up cloud (and other technology) knowledge through various projects and engagements—reviewing architectures, conducting risk assessments, and advising teams etc.
But admittedly, my hands-on technical experience with cloud platforms (especially AWS) could, and should, be better.
What’s become increasingly clear is that the GRC landscape is shifting. In my opinion, the days when you could succeed in security risk roles without a solid grasp of the underlying technology are becoming less, as so many key business functions, including data, are hosted in the cloud. This, to me, also transcends into the job market. There is always talk of a mass amount of vacant cybersecurity roles. This is absolutely the case, however, this a skills gap.
Recent industry reports highlight that while cybersecurity roles remain in high demand, employers are struggling to find candidates with the right mix of cloud, DevSecOps, and automation skills. For example, the 2024 (ISC)² Cybersecurity Workforce Study estimates a worldwide shortfall of over 4 million cybersecurity professionals, and roles requiring cloud security expertise or experience with infrastructure-as-code tools like Terraform or CI/CD pipelines remain among the hardest to fill.
With the rise of cloud-native environments, infrastructure as code, and now AI-driven services, understanding how these systems actually work is essential if you want to move up the ladder and generally be more effective in a GRC-related role.
That’s why I’ve taken on the AWS Cloud Resume Challenge, so I can:
- Strengthen my technical foundation by building something real
- Get better exposure to services like S3, Lambda, API Gateway, and DynamoDB
- Practice using tools like Terraform and GitHub Actions
- Reinforce my understanding of cloud security from a build-first perspective
- To document how I did something to either inspire someone else to follow suit or tell me how I could have done it better!
I will aim to blog each section of the challenge, which can be found in the link I provided earlier :)
Top comments (0)