We're looking for a Senior Security Specialist to join a growing team as our client transforms into a leading digital organisation. You’ll shape, influence and assure security designs, to ensure that change is delivered both securely and at pace.
The core purpose of the team is to ensure that security is at the heart of all our change projects, ensuring our services, customers, colleagues, and businesses are protected.
- Assessing systems against internal security frameworks and baseline build requirements.
- Authoring of logical and technical security patterns, Cloud guardrails and other guidance, based on internal security standards and industry benchmarks
- Understanding the impact of changes to technology roadmaps and any impacts to existing or new security artefacts (e.g. patterns).
- Apply Security domain expertise when performing risk assessments to ensure risks are identified and mitigated based on risk mitigation strategies.
- Maintain awareness of key security threats along with technologies in use, including legacy and cloud technologies.
- Stay on top of industry trends / initiatives and articulate that to the wider Cyber Security team and community.
- Maintaining an awareness of new or existing Cyber Security technologies to inform updates to security artefacts.
- Experienced Security background across a range of disciplines (e.g., Networks, Data Security, Application Security and Identity & Access Management)
- Experience of producing security patterns, guidance, or Cloud guardrails.
- In-depth knowledge of Cloud security and Cloud security frameworks used by the main Cloud providers (e.g. Google, Azure, AWS)
- Hands on technical knowledge and ability to navigate through Cloud security portals (e.g. ability to configure policies through the command line)
- Appreciation of Cloud Security and 3rd Party assurance issues
- Familiar with DevOps toolsets and have some hands-on coding skills
- Experience automating manual processes
- An understanding of containerisation security models (e.g. using Cloud container services and services like ISTIO and OPA)
- Knowledge of vulnerability management and compliance configuration management
- A track record of delivery, with strong organising skills.
- Ability to build & maintain relationships within the team and across other Group IT Directorates.