Cloud IT Security Specialist
Central London - Contract - £650-£775 per day (inside IR35)
Background:
We're seeking an accomplished Cloud IT Security Specialist to join our exceptional client, working in a secure on-site environment to drive major business, process and technical transformation across their complex organisation. This role will require you to undergo security clearance prior to taking-up your assignment.
What will I be doing?
- Working with Development Teams and Technical/Security Architects to design Cloud-based applications and infrastructures, including providing specialist advice to design authorities on requirements and best practice designs to achieve and maintain required levels of assurance.
- Reviewing Cloud architectures from a confidentiality, integrity and availability perspective.
- Advising on business-specific requirements to manage information risks.
- Monitoring changes to live Cloud deployments, challenging where appropriate, and assessing implications for assurance status.
- Working in a Dev-Rel capacity across Engineering teams to provide Cloud Security Point-of-Contact, and support Site Reliability Engineer and Cloud Security Champion roles.
- Providing Security Subject Matter Expert advice on Cloud Security Controls, and review Cloud offerings against business security requirements.
What experience, qualifications and aptitudes will I need?
- Demonstrable experience in AWS Cloud Security Architecture design, threat modelling, and the implementation of Cloud Security Controls; specifically in relation to migrating on-premise workloads to the Cloud with a focus on security.
- Experience in reviewing Cloud migration strategies for Cloud, On-Prem, and Hybrid models.
- Understanding of NCSC Cloud Guidance, Principles and Good Practice guides, coupled with the ability to apply them pragmatically and in line with the needs of the business.
- Able to facilitate Threat Modelling workshops with multidisciplinary teams, and produce relevant outputs.
- In collaboration with security architects, able to assess the level of technical capability of potential threat actors and to review Cloud security risk assessments.
- Relevant qualifications (e.g. NCSC Certified Cyber Professional (CCP); (ISC)2 Certified Information Systems Security Professional (CISSP); Certified Information Security Manager (CISM); Certified Information Systems Auditor (CISA) ISO 27001; Lead Auditor and/or Implementer COMPTIA Security+; CREST / Tigerscheme Penetration Tester; AWS Solutions Architect).
#J-18808-Ljbffr