We are looking for Cloud Security Engineers to work with our financial services client within their existing security team. Please note these roles are inside IR35, mainly remote with some office visits as required when team are getting together. The contracts are on a renewable basis.
The main accountability of the Cloud Security Engineer is to ensure that the correct security designs and controls are in place, focusing on keeping cloud services safe and secure while simultaneously supporting programmes of work to meet their deadlines and deliver business outcomes. You’ll be responsible for security requirements, designs, risks and defining controls to mitigate these risks and guiding others to embed security into their deliverables in the best manner for the Bank.
- Working with architects and engineers to collaboratively define the mid and low level security requirements into a collection of design and engineering activities to ensure that the programme is delivering against agreed security standards and principles
- Proactively identifying security risks not exclusively as part of the design/engineering process
- Owning the end-to-end security view for specific platform components, shared services or application integration items
- Performing threat modelling against architectures, engineered solutions, and as-is platforms
- Ensuring that security activities are aligned with the wider security strategy
- Working in a multi-disciplined autonomous team delivering security value on behalf the team
- Providing security leadership, guidance and consultation to diverse teams
- Representing the security engineering capability at wider group-wide engineer guilds
- Responsibility for delivery against the OKRs and / or revision of the OKRs based on new data and findings
- Prioritising ruthlessly, whilst balancing the needs of stakeholders and risk
- 2 years exposure to cloud security (public and private cloud)
- Experience of interpreting highly technical detail, performing security analysis and providing security requirements and assurance within a cross functional team
- Demonstrable security risk and compliance experience.
- Experience working with technical and cross-functional teams to deliver change
- Threat modelling experience both platform and application level
- Hands-on experience configuring security elements/controls within public cloud environments, e.g. IAM, Firewalls, Logging/Alerting, SIEM is desirable