Cloud Security Engineer

Location: Hybrid / Junction 27 (M1) / Nottinghamshire Vicinity
Salary: Up to £60,000 per annum (Which includes 10K Supplement)
Benefits: Excellent pension (49% Employer Contributions), Generous Holiday and Flexible Working

The Client:
Curo is collaborating with a public sector client based in the East Midlands / Nottinghamshire vicinity. This is a collaborative unit with Team Members across Derbyshire, Leicestershire, Lincolnshire, Northamptonshire and Nottinghamshire. This is an exciting and fast paced division, and you will form part of a small, and dedicated team.

Please note this role requires a candidate who is eligible to undergo SC Clearance.

The Candidate:
The successful candidate will have a solid understanding of cloud fundamentals including deployment methods, security of cloud solutions, cost management, and use these to improve the infrastructures deployed and managed for the units’ workloads. You will use your cloud engineering expertise to design cloud infrastructures in line with business needs, assisting the department to evolve their cloud capabilities over time. You will keep an eye on new developments in the cloud space and continuously develop your own capabilities that support our journey in the cloud. This is currently an AWS focused department, so this role would suit a candidate with cloud experience primarily in AWS, however Azure and GCP would be an excellent bonus, as they may go multi cloud in time. They are moving towards IaaS, so we are looking for a cloud professional with DevOps skills. You will have knowledge and understanding of security requirements, best practices, and execution in various cloud implementation scenarios: IaaS, PaaS, SaaS. Hands on Git and Python experience is required.

The Role:
This public sector organisation is keen to ensure cloud computing facilitates the modernisation in the way they think about data and technology. This in turn will ensure improvements to their service to the public and the unit’s ability to tackle crime. As a Cloud Engineer you will design, build and operate scalable and reliable infrastructure solutions. This is fundamental to achieving the ambitions of their digital strategy.

Duties:

• Provide expertise and design decisions as it relates to relevant cloud security principles, legislation and best practice.
• Responsible for ensuring the unit’s cloud capabilities meet compliance standards.
• Oversee and respond to cloud incidents and security alerts.
• Develop relationships across entities as they work to move to the cloud.
• Responsible for the development, assessment and authorisation for cloud infrastructures, including risk assessments, system security plans, IT contingency plans, and incident response plans.
• Work with other security teams to define and build to processes necessary to protect cloud infrastructure from common threat vectors including ransomware, OWASP vulnerabilities, and security compliance misconfigurations.
• Work closely with various team members to refine and enhance the risk strategy for cloud architecture, ensuring business requirements are met and risk mitigation and management is in place.
• Provide security consultation and guidance on new cloud products, features, and technology decisions. Ensuring the security of products with a strategic view of interoperable and flexible cloud solutions.
• Work with Information Security Officers, system owners, and other IAM colleagues to address audit and regulatory related issues. Ensuring cloud architectures and processes are accreditable.
• Actively engage and foster relationships with security champions on business and cloud teams to understand their needs and promote a DevSecOps culture.
• Create security automation for response and remediation of compliance findings and hardening of cloud infrastructure.
• Apply your expertise across all IT Security topics as it relates to the cloud, on-premises, and hybrid enterprise technology and the relationship between the architectures.
• Assess cloud authentication and access management services in a secure federated environment.
• Identify service-level requirements for a Cloud Service Provider (CSP), in line with national and local digital and cloud strategies.
• Taking ownership of championing cloud technology within the unit, and providing colleagues with information as to the benefits of the current AWS cloud migration project.

Knowledge, Skills & Experience:

• Significant experience in designing and deploying dynamically scalable, available, fault-tolerant, and reliable cloud operations using AWS (primarily), Azure, Google Cloud or other major cloud services would be great as a secondary skill set.
• Knowledge and understanding of security requirements, best practices, and execution in various cloud implementation scenarios: IaaS, PaaS, SaaS.
• Experience with planning and managing project efforts to define, implement, upgrade, enhance, and maintain cloud security systems.
• Experience with automation, deployment orchestration, and security configuration management with Terraform, Chef, Puppet, YAML, JSON, PowerShell, BASH, Go, or Python.
• Experience with hardening CI/CD pipelines, containers, container registries, and code repositories, and use of tools such as Jenkins, Git, Azure DevOps, etc.
• Knowledge of threat modelling, static/dynamic/interactive code analysis, fuzzing, software composition analysis, secrets management, and related tools.
• Experience with compliance and regulatory security requirements such as NCSC principles.
• Experience with designing and implementing network security solutions, including firewalls, intrusion detection, encryption, monitoring, vulnerability scanning, and authentication.
• The ability to deal professionally with content of an at times unpleasant and/or disturbing nature and work to strict procedures and protocols in a confidential environment.

To apply for this Cloud Security Engineer Job, please click the button below and submit your latest CV.

Job Reference: RL7057