Operationalizing Cloud Security in the SOC

Spring 2022

Cloud Security is new to most SOCs. SOC teams are optimized for on-prem threat hunting, incidence response etc. As more workloads move to SaaS/IaaS/PaaS how do SOC teams integrate and operationalize cloud security? This roundtable discussion session is exclusive for IT teams. No slides, just sharing best practices and challenges in a safe environment led by ONUG board members and thought leaders. Come to learn from your peers and see if you’re doing it right.


Security leader focused on making multi-cloud environments a safer place. Enables new and untried technologies, running proof of concepts and designing secure configurations that enable the business to leverage new technology safely. Ensures that the security vision is consistently executed across all phases of the software lifecycle. Promotes patterns for security automation that leverage policy as code to scale security across multiple Cloud’s. Contributor to the open source community.


Kyle Rose is a Senior Manager and Capability Architect of the Adversary Management function at Intuit. Kyle leads a team of Principal Software Engineers solving complex cloud security problems. He has 14 years of experience in cybersecurity and specializes in: DevSecOps, Security Architect, & Cloud Security. Kyle has an MS in Computer Science in Cybersecurity from The George Washington University. He is currently based in Jacksonville, FL. Kyle is a contributor to the ONUG automated cloud governance working group.

Scott Kennedy is the Security Architect for Adversary Management for the Security Team at Intuit. Certifications: CISSP-ISSAP, CISA, GCIH, and GIAC. He has 30+ years of experience as a Unix system administrator, including 20 years of dedicated security experience within commercial enterprises. Kennedy is an SME in fields including cloud security, virtualization, IT security, document retention, disaster recovery, IACNA/CND and forensics. As part of the Cloud Security Team, he is responsible for bringing scientific rigor and analysis to the decisions for cloud security. He is an active member of the Southern California IT Security scene and manages Intuit R3DC0N security conference villages experience.


Related events