Cloud Security Engineer - SecDevOps
A leading Global Financial Institution is seeking to employ a Cloud Security Engineer - SecDevOps based in London.
Hours 35 per week/permanent.
Competitive salary offered.
The Cloud Security Engineer - SecDevOps will be a member of the Global Cybersecurity Technology team responsible for identifying, developing and deploying global cybersecurity controls across the estate leveraging the firm’s assets, network and data to identify threats.
The Cloud Security Engineer is accountable for providing security expertise and perform high-level technical reviews of applications and use cases that are moving to one of the Cloud Platforms (AWS, Azure or GCP); solution and build Cloud Native Detective and Responsive controls in AWS, Azure and/or GCP that enforce the security baseline at scale, and when necessary integrate with open source and vendor tools; build automation to actively audit the infrastructure for security misconfigurations of AWS, Azure or GCP. They will collaboratively work with vendors, client staff and contractors to implement and integrate vendor-provided Cloud Security solutions; develop API integrations and recommend configuration changes to improve the performance, usability, and value of cloud security tools.
The Cloud Security Engineer is also responsible for performing high-level technical assessments of existing cloud security architectures, processes, projects and vendors; evaluate new and existing cloud security solutions in support of deployments to one of the Cloud Platforms (AWS, Azure or GCP); supporting compliance initiatives (contractual, regulatory, and internal) by creating and delivering appropriate data-driven dashboards, reports, and other supporting artifacts; maintain knowledge of the latest cloud security threats.
The Cloud Security Engineer will play a key role in working with cloud operations team to develop cloud monitoring use cases, design and develop scripts needed for troubleshooting and resolution of security or compliance issues.
The successful candidate will be a graduate and will have the following attributes:
- Substantial in a relevant technology field, such as software engineering, with at least two years being in a technical security role.
- Substantial experience designing, developing, administering, and/or maintaining the security of cloud environments such as AWS, MS Azure or GCP. Clear passion for cloud security and cloud technologies.
- Extensive knowledge of cloud networking architecture, cloud operations, security, automation and orchestration.
- Strong experience in building and deploying applications on the Cloud, using CI/CD frameworks and Infrastructure automation, such as: Terraform, Ansible and Jenkins.
- Experience in version control systems such as: Git, GitLab, etc.
- Knowledge of data security requirements in the cloud aligned with FISMA, CJIS, PCI, HIPAA, NIST, FedRAMP, GDPR or other rigorous security compliance standards.
- Knowledge of Cloud Security Alliance (CSA) Cloud Controls Matrix.
- Familiarity with security issues associated with containers, distributed systems, and large-scale web applications.
- Extensive knowledge of several key security practices in access control, application security, network security, security architecture, and security strategy.
- Ability to consume requirements and create/implement solutions to satisfy requirements.
Closing dates for applications 13th March 2019