Cloud Security Engineer

LinkedIn ShareShare

Why i-confidential

i-confidential offers a range of information security consulting services.  We provide cost effective services to help our clients to clearly understand their information risks and develop their information and cyber security strategies.  We deliver practical, understandable solutions to protect information. Our client base is expanding, and our clients are asking for an increasingly diverse range of services.

We are looking to work with Security Engineers to aid one of our financial services projects.


Working within Cloud Security, across some of the most forward-looking business units to migrate the applications in to a of cutting-edge cloud hosting platform.

The role involves working to obtaining a deep understanding of various technologies and applications to produce necessary design or solution documents. This will involve leading projects technically, working with security teams and SMEs across the Group as well as with vendors and developers. 

Key accountabilities:

  • Provide the following capabilities as required by the project or determined by the work load alignment:
    • Security Engineering and Design
    • Security Consultancy
  • Participate within each project as a primary resource ensuring commitment to attend all appropriate calls and meetings.
  • Accept ownership for technical related deliverables as defined by the project scope. Agree these deliverables with the aligned Senior Security Engineer for the portfolio to ensure strategic and risk reduction adherence. Work with the project manager and business analyst to ensure any critical success factors or business objectives are reasonable and can be met.
  • Manage requirements from stakeholders within each project and collaborate with the Senior Security Engineer portfolio lead on challenges that need wider business discussion or escalation to the Lead Security Engineers.
  • Analyse security risk within each design as appropriate to the scope and ensure that all interested stakeholders are informed or consulted where necessary.
  • Design and implement security controls using a combination of Enterprise Architecture Patterns, Security Standards and bespoke deliverables.
  • Work closely with vendors, platform teams and SME’s where necessary in order to agree architectural decisions, design statements and exceptions. Where necessary support the project in obtaining waivers related to security design decisions taken.
  • Take the lead on security architecture decisions and issues where the problem scenario is not covered by a pattern or standard.
  • Ensuring that the drivers of Cost, Pace and Quality are maintained during production of or contribution to design artefacts.
  • Provide security architectural SME knowledge and design engineering effort that leads to the creation of high quality solutions that comply with all relevant ITEC policies and Security Standards.
  • Provide security support for assigned projects at review committees, boards or forums in order to facilitate the project through governance.
  • Provide support for projects as they move into the delivery stage at a level suitable to ensure that the solution is implemented as per the design.

Skills and experience required

  • Significant knowledge of Cyber Security as it applies to Enterprise business and ideally exposure to risk or threat assessment techniques.
  • Exposure to cloud security models including public, private and hybrid concepts
  • Cloud policy engineering & deployment
  • Cryptographic knowledge including encryption, key exchange, certificate handling and protocols
  • Security Control Frameworks e.g. NIST, CIS & ISO27001 and practical experience in their implementation
  • Continuous compliance
  • Infrastructure Architecture principles, security best practices
  • Network security devices including NGFW, UTM or NIPS/NIDS
  • Web application firewalls, network load balancers, proxy systems
  • Network, Endpoint and Application logging concepts, best practice and monitoring systems including SIEM
  • Authentication, Authorisation and Accounting concepts, best practice and IAM management systems. OTP and MFA systems.
  • Active Directory Security including federated solutions using ADFS, SAML etc
  • Application security including web applications, SaaS services etc
  • Data handling principles, protective marking/tagging and data security knowledge
  • Knowledge of container security best practices
30 March 2021