Senior Cloud Security Engineer

• Work with the infrastructure team and provide expert advice on securing our use of Azure cloud and AWS services Kubernetes and containers in particular provide
  
• guidance and a level of oversight for Azure and AWS network security and Key Vault.
  
• Encourage a shiftleft approach to security
  
• Assist the Security Architect with securing our Data Platform including our use of Data bricks and synapse
  
• Collaborate with wider tech and security teams on the implementation and operation of a robust Customer Identity and Access Management (CIAM) service
  
• Document security processes and security tool lowlevel design/configuration;
  
• Contribute to the development of security service delivery and operation documentation
  
• Assist technology teams with integrating their systems and services with security services and tools.
  
• Assist Security Operations with investigating cloud incidents.
  
• Support the security and application security engineers and wider security team with their various responsibilities including achieving and maintaining ISO 27001.
  
• Certification and threat modelling activities
  

Requirements

• Professional certification such as AZ500: Microsoft Azure Security Microsoft Azure Architect Technologies AWS Certified Security Specialty AWS Certified
  
• Solutions Architect
  
• At least 8 years of experience in Security engineering roles
  
• At least 3 years of experience in AWS and Azure Cloud Security
  
• Practical experience with and exposure to crafting and implementing security best practices within a Cloud deployment such as AWS Well Architected Framework
  
• and Azure WellArchitected Framework
  
• Strong background in security fundamentals in Linux Networking and Cryptography
  
• Very good understanding of IAM Policies and cloud roles & responsibilities.
  
• Experience with Cloud Security Posture Management Platform/Cloud Workload
  
• Protection Platform such as Azure Security Centre Checkpoint CloudGuard.
  
• Knowledge of MITRE ATT&CK framework
  
• Experience in CDN tools DDOS Solutions WAF such as Cloudflare AWS WAF Cloudfront Application Gateway.
  
• Experience in Cloud Networking such as VPC Transit Gateway Private Links AWS Firewall Manager.
  
• Experience in Cloud security tools such as GuardDuty AWS Security Hub AWS Inspector Azure Security Centre.
  
• Ability to share your specific expertise to the rest of the Technology group