My client one of the nation's most loved healthcare retail brands is looking for a highly experienced Cloud Security Engineer to join its team.
Working remotely, with only minimum travel into the office for meetings, the Cloud Security Engineer will need to have good experience of working in retail and/or the finance industry where data security is vital.
My client is building a Cyber Security capability to ensure a coordinated response to the increasing cyber security threats, to enable risk-based decisions to be made consistently across the organisation and to establish sustainable security capabilities that are integrated with the business.
To be considered for the Cloud Security Engineer role you will:
Have three years or more experience in cloud infrastructure security roles (predominantly AWS) working within teams that practice DevSecOps
Have a solid understanding of Secure by Design and Privacy by Design principles
Be able to interact comfortably with AWS via CLI and/or API
Have specific expertise in threat assessment, attack surface management, data security, the network stack at Layer 4 and Layer 7, DNS, VPC security, IGW, WAF, API Gateways and CloudFront
Possess good knowledge of most of VPN, MFA, SAML, OAuth2, KMS and TLS and some IdP frameworks and integrations
Demonstrate experience building and running Docker images/containers securely, including container orchestration security
Have had experience of code security audit, static and dynamic analysis, defensive programming techniques and visualisation and measurement of security KPIs
Have expertise in at least one scripting or programming language
If possible be a AWS Certified Security Specialist
Be able to demonstrate experience defining and operating a Security Incident Response process
Possess Good knowledge of monitoring and alerting and Windows security (particularly Azure Active Directory).
Have Understanding of “cloud native” and 12-Factor applications
In this role, a hands-on engineering position, you will design, build and implement appropriate automation, controls and enable runtime application self-protection and security monitoring.
Working in partnership with the Cloud Platforms and Development teams, you will:
Work daily with engineering teams to improve delivery process, and be fully accountable for implementing the security processes and tools are in the Cloud platform and within DevOps
Participate in the automation of software to the cloud platform and embed security into the client’s methodology, embracing DevSecOps
Help Improve our general security posture across legacy and green field resources including applications and networks
Be responsible for enhancing security of our data assets in the Cloud as you will be working with data scientists and SMEs
Improve the monitoring and alerting systems to enhance them with specific and relevant security data points
Provide point of expertise on application, data and network security to the wider engineering teams, engaging with them in order to ensure consistent adoption of security policies and best practice
Participate in troubleshooting issues that arise
Define and implementing a Security Incident Response process/policy with regular improvements, testing and adherence
The successful Cloud Security Engineer will contribute to the creation and ongoing maintenance of security engineering principles (secure by design and privacy by design), patterns and standards to reflect best practice and effective use within the company.
Youi will be happy to build a network including external relationships with other engineers/SMEs to understand best practice and emerging trends within engineering.
This is a fantastic opportunity to join a retailer that is bucking the trend and expanding whilst offering an excellent basic and benefits package.