Location: Flexible but anticipate travel
Who you’ll be working with
Our client’s Cloud Infrastructure Services, Cyber Security Consulting & Projects Practice provides consulting and projects in all areas of infrastructure including Cloud based services, networks, servers, storage, information security, service management and governance. They deliver services including high-level consulting, strategy and business case development, architecture design and implementation to a wide variety of market sectors.
Their Cyber Security Unit (“CSU”) brings together over 3000 security professionals to help define and implement their clients’ cybersecurity strategies. They protect their IT, industrial systems and the ever-growing number of products and systems enabled by the Internet of Things (IoT). They also strengthen their defences, optimize their investments and control their risks. The CSU includes security experts (e.g. specialists in infrastructure, applications, endpoints and identity and access management), a research and development team (whose members specialize in malware analysis and forensics), ethical hackers, seven multi-tenant Security Operation Centres (SOC) in different parts of the world, and an Information Technology Security Evaluation Facility.
The focus of your role
The Cloud Infrastructure Services, UK Cyber Security Team has approximately 200 security and risk management professionals who are qualified and equipped to tackle their customers’ most challenging security-related concerns. Their vision is “to become an exemplar and reference point throughout the business for the provision of security and risk management services”.
They believe that developing, resourcing and selling a comprehensive suite of cybersecurity transformation and enablement services is key to realising their vision. They are reshaping their security expertise and capabilities to become a leading provider of these services. They aim to offer simple solutions to complex problems and in so doing engage their customers with high-value cybersecurity propositions, that help their customers embrace transformational technologies knowingly and with confidence.
This is an excellent role for a candidate with a strong Cloud bias/background in cyber security and who wishes to be part of an enthusiastic, successful and growing Security team. As a Cloud Security Consultant you will be in a technical, client-facing role, supporting and guiding clients with their Cloud migration or security improvements to existing or expanding cloud adoption. Whilst this is predominantly a delivery role, you will also be involved in business development activities such as ensuring timely responses to clients’ Request for Proposals (RFPs) and questionnaires, collaboration with other business units, partners and legal teams and development of Cloud service offerings.
You will also share your knowledge and play an important role in developing other consultants and the graduate community to ensure Cloud security skills and capability continue to grow. Successful applicants will be required to work mainly in UK and Ireland, with occasional travel abroad as required.
What you’ll do
Specifying, communicating and delivering the Security Consulting, Security Architecture and Engineering services aligned with one or more of the main groupings in our client’s model for Cybersecurity Transformation and Enablement Services. This includes the following:
- Help clients create and develop enterprise security use cases which align to their Cloud security strategy and security baseline.
- Design, develop and build security reference architectures for public, private, and hybrid Cloud based systems within Amazon Web Services (AWS), Microsoft Azure, or other cloud providers.
- Identify, design and deploy solutions to secure cloud usage, whether cloud-native or COTS solutions
- Work with our client’s Cloud Infrastructure Services Cloud & Edge Practice to develop standards, choose appropriate technology solutions and enable complete integration/migration of our clients’ environments.
- Identify, recommend and co-ordinate training sessions to deliver the knowledge other teams need about security-relevant technologies, processes and tools.
What you’ll bring
- A firm understanding of the cloud service, security and deployment models for IaaS, PaaS and SaaS and Function as a Service (FaaS) service offerings provided by Amazon Web Services (AWS), Microsoft Azure and Google Cloud platforms.
- An understanding of the different delivery responsibility splits per service model is vital
- A firm understanding of the security, configuration and deployment requirements for SaaS offerings (such as Salesforce or O365) is highly desirable.
- Proven ability to design and implement secure cloud architectures and designs that meet clients’ business requirements and incorporate appropriate and sustainable security controls and risk reductions.
- Technical knowledge in routing, network security ingress and egress controls, Anti-DDoS, Web Application Firewall (WAF),API Gateways, Cloud Access Security Brokers (CASB), Intrusion Prevention Systems (IPS), Security Information and Event Management (SIEM), anomaly-based detection, secure credential management (including Privileged Access Management), virtualisation, service oriented architecture (SOA) and microservices, Secure DevOps (SecDevOps/DevSecOps), operational practices, containerisation, serverless technologies and data analytics security design.
- Experience with assessing, developing, designing, implementing, operationalizing and documenting a comprehensive set of security technologies and processes within SaaS, IaaS, PaaS, and other cloud environments, such as:
- Secure software development (securing the CI/CD pipeline))
- Infrastructure security (VPC and VNet design, Infrastructure as code, automation))
- Data protection (cryptography & key management, DLP, privacy etc)
- Identity and access management (IAM, IDaaS, PAM etc)
- Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc.).
- Experience working with cloud security and governance tools, CASBs and server and network virtualization technologies such as SDN.
- Experience performing threat modelling and design reviews to assess security implications and requirements that accompany the introduction of new technologies. This includes knowledge of CSA, OWASP and other Industry Cloud Security Frameworks.
- Experience with deployment orchestration, automation, and security configuration management (Puppet, Chef, Docker, etc.).
What is on offer for you
Professional development. Accelerated career progression. An environment that encourages entrepreneurial spirit. It’s all on offer. And although collaboration is at the core of the way we work, we also recognise individual needs with a flexible benefits package you can tailor to suit you.
Why are they different
Our client helps organisations across the world become more agile, more competitive and more successful. Smart, tailored, often-groundbreaking technical solutions to complex problems are the norm. But so, too, is a culture that’s as collaborative as it is forward thinking. Working closely with each other, and with their clients, they get under the skin of businesses and to the heart of their goals. You will too.
Applications are positively encouraged from suitably qualified and eligible candidates regardless of sex, race, disability, age, sexual orientation, gender reassignment, religion or belief, marital status, or pregnancy and maternity. Our client is committed to hiring, developing and retaining the best people to deliver innovative, world-class solutions for their clients. They foster an inclusive culture that enables everyone to achieve their full potential and enjoy a fulfilling career. A comprehensive flexible benefits package and lifestyle policies enable their employees to balance their individual, family and work-life needs.
We want to make sure that we find the right people, and we know that working full-time isn’t necessarily right for everyone. So we’d love to hear from you if you feel you’re a great fit for this role, and would like to work flexibly. As an example, some of our client’s team members work four days a week, but travel across the UK during their working days. Or you might prefer to work three days a week (in a job share scenario) with travel limited to Greater London. If you are the right person for this role, we’ll find the right working approach for you.
|Job Category||Corporate Security, Cyber Security, IAM Jobs, Information Security, Technology Transformation|