Job Description
With significant executive support and sponsorship, our financial services client has launched a multi-year project to redevelop and modernise the full technology and security stack. To support this and maintain risk exposure, they are making a significant investment in the Information Security team, processes, and technology. This is a chance to join a small tight-knit Security Engineering team at an exciting time where we are designing and building the core services.
If you like working on designs for high scale, leading-edge, and operating in a truly cloud-native fashion, then we want to hear from you!
Responsibilities:
* You will be part of the Security Engineering team - helping design, implement and support key services.
* We’re a hands-on engineering team. We partner with the broader engineering organisation and also build and support our own capabilities across IT Security, IAM, SDLC, and Security Architecture practices.
* Strong hands-on experience working with major cloud solutions (IaaS, PaaS, Event-driven / Serverless, SaaS) AWS and/or Azure.
* Capable of designing, implementing, and maintaining robust solutions and re-usable patterns that reduce risk across the organisation.
* Develop policy as code, templates, and modules to implement and enforce secure patterns and guidance.
* Working with Infrastructure as Code, Containers, and CI/CD concepts.
* Clearly articulate and communicate the value of a security control vs the friction it may introduce – a credible peer within engineering.
* An interest in threat modelling as a medium to demonstrate the impact of security and robust Security Architecture’s for protecting organisations.
Skills & Experience
* 5+ years of relevant technical experience as a Security Engineer or Software Engineer
* Strong cloud and cloud native experience.
* Strong communication skills. Ability to communicate at all levels with both technical and executive stakeholders.
* A high-level understanding of security principles, control frameworks (NIST preferred), and security risks as they apply to cloud solutions.
* A good understanding of the latest security threats, threat actors, and the tactics and techniques adopted.