Role Description

Who you’ll be working with

You will be working within a Cyber Security Unit (“CSU”) which brings together 2,500 professionals to help define and implement their clients’ cybersecurity strategies. They protect their IT, industrial systems and the ever growing number of products and systems enabled by the Internet of Things (IoT). They also strengthen defences, optimize investments and control risks. The CSU includes security experts (e.g. specialists in infrastructure, applications, endpoints and identity and access management), a research and development team (whose members specialize in malware analysis and forensics), ethical hackers, multi-tenant security operation centers (SOC) in different parts of the world, and an Information Technology Security Evaluation Facility.

The focus for your role

As a Cloud Security Architect you will be in a technical, client-facing role, supporting and guiding clients in their experience with our client’s cloud security solutions and services.

You will be responsible for ensuring timely responses to clients’ Request for Proposals (RFPs) and questionnaires. You will collaborate with our business units, partners and legal teams to refine service agreements and service descriptions aligned with ongoing security strategy and policies. You will also share your knowledge and play an important role in developing our other consultants and our graduate community to ensure our client’s Cloud security skills and capability continues to grow.

What you’ll do:

• Help clients create and develop enterprise security use cases, which align to their organisational security strategy and Cloud security baseline.

• Design, develop and build security reference architectures for public, private, and hybrid cloud based systems within Amazon Web Services (AWS), Microsoft Azure, or other cloud providers.
• Act as an ambassador and senior technical representative for Cloud security (e.g. engaging with senior technical leaders in clients’ organisations to design and implement Cloud and Cloud hybrid based solutions.
• Work with other business units to develop standards, choose appropriate technology solutions and enable complete integration of our clients’ environments.
• Lead training and technical forums, serve as a mentor and execute other initiatives designed to share knowledge with other people and teams.
• Identify, recommend and co-ordinate training sessions to deliver the knowledge other teams need about security-relevant technologies, processes and tools.

What you’ll bring:

• A firm understanding of the cloud delivery, security and deployment models for IaaS, PaaS and SaaS and up-and-coming Account – System – Server – Services hierarchy (AssS) service offerings provided by Amazon Web Services (AWS) and Microsoft Azure platforms.
• A firm understanding of the security, configuration and deployment requirements for SaaS offerings (such as Salesforce) is highly desirable.
• Proven ability to design and implement secure cloud architectures and designs that meet clients’ business requirements and incorporate appropriate and sustainable security controls and risk reductions.
• Technical knowledge in routing, firewall policy, Anti-Distributed Denial of Service (Anti-DDoS), Web Application Firewall (WAF), Intrusion Prevention Systems (IPS), Security Information and Event Management (SIEM), secure credential management, virtualisation, service oriented architecture (SOA), Secure DevOps (SecDevOps), operational practices, micro services architecture and database design.
• Experience in designing and implementing MS O365 SaaS service offerings for clients, including areas such as:
  • Enterprise network transformation requirements
  • Express route/resilient IPS connectivity design
  • Cloud based proxies/WAFs
  • Security controls for Cloud and endpoint services
  • Cloud Access Security Broker (CASB) into SaaS services
  • Encryption gateways, API firewalls, etc
  • Integration of CASB to SOC/SIEM services
• Experience with assessing, developing, designing, implementing, operationalizing and documenting a comprehensive set of security technologies and processes within SaaS, IaaS, PaaS, and other cloud environments, such as:
  • Secure software development (application security)
  • Infrastructure security (network & endpoint)
  • Data protection (cryptography & key management, DLP, etc)
  • Identity and access management (IAM, IDaaS, etc)
• Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc.).
• Experience with service-oriented architecture for cloud-based services.
• Experience working with cloud security and governance tools, CASBs and server and network virtualization technologies such as SDN.
• Experience with enterprise applications (architecture, development, support, and troubleshooting).
• Experience performing threat modelling and design reviews to assess security implications and requirements that accompany the introduction of new technologies. This includes knowledge of CSA, OWASP and other Industry Cloud Security Frameworks.
• Experience in presenting technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions.
• Experience with enterprise architecture and working as part of a cross-functional team to implement solutions.
• Ability to work independently with minimal direction (self-starting and motivated)
• Experience with deployment orchestration, automation, and security configuration management (Puppet, Chef, Docker, etc.) preferred.

What is on offer to you

Professional development. Accelerated career progression. An environment that encourages entrepreneurial spirit. It’s all on offer at this dynamic, people lead organisation. And although collaboration is at the core of the way they work, they also recognise individual needs with a flexible benefits package you can tailor to suit you.