The Individual
- Software engineering experience, and proficiency with at least one programming language. Working experience in a modern development environment, with automation pipelines and Infrastructure as a Code.
- Demonstrable experience of Public Cloud technologies (Azure preferred).
- Experience with cloud-native technologies, and containerisation
- Solid understanding of Cyber security concepts, including threats, vulnerabilities, security operations, encryption, boundary defence, authentication and risk management.
- Demonstrable experience with network and system security tools in the Cloud, including network firewalls, intrusion detection systems and intrusion prevention systems, anti-malware, vulnerability scanning, encryption, monitoring and developing technical engineering artifacts.
- Some experience with Security compliance (e.g. AWS Config, Microsoft Defender)
- Experience operating within a regulated industry.
- Good understanding of Vulnerability Detection systems (eg AWS Security Hub, AWS Guard Duty, Azure Sentinel. Azure Security Centre)
- Good understanding of Cloud Infrastructure Protection strategies (eg WAF, AWS Shield, Azure DDoS Protection, etc)
Responsibilities
- Act as a security Subject Matter Expert and provide guidance on cloud infrastructure.
- Work with engineering teams to design, build and maintain security services, hardening the security of our platforms.
- Build, improve and drive security monitoring and security automation.
- Identify security weaknesses within systems.
- Assist the day-to-day operations of security services
- Own, maintain and operate a portfolio of Security related tools
- Providing advice, training and mentoring to Delivery teams
- Identify gaps in our security posture and capture them in well described RFCs
- Identify and adopt best-in-class IDS/IPS system at the Internet edge of our environments
- Identify and adopt best-in-class Security information and event management (SIEM) system to analyse logs for suspicious activity and creates alerts
- Champion, plan and implement Security Compliance policies and kitemarks
- Stay current with security related Cloud Technologies, including emerging trends, best practices, commonly adopted security strategies, and popular security related third-party solutions.
- Supporting production systems on Security related vulnerabilities as required.
- Ability to document what done and produce an easy-to-follow audit trail
- Plan and work towards a Zero Trust Architecture Continuously improve Identity & Access Management
Eames Consulting is acting as an Employment Business in relation to this vacancy.