Cloud Security Architect - Python, GCP, AWS, DevSecOps - new job in London, UK

Cloud Security Architect

(DevSecOps, GCP, AWS, Terraform, Ansible, Python, 1SO27001, NIST)

Competitive Salary

London, Hybrid

Key responsibilities:

• Partner with Digital teams to development and implement application/cloud security standards, patterns and guidelines that support ongoing deliveries and balance risk and business benefit.
• Continuously review the design and effectiveness of application/cloud security controls and develop a program of continuous improvement to grow local capabilities.
• Provide DevSecOps thought leadership in areas of CI/CD and continuous testing & certification, site reliability within a Cloud-based microservices and data architecture based on previous business experience with large scale cloud platforms
• Work closely with cross-disciplined teams of engineers to implement innovative DevSecOps solutions and effectively mentor a team of security and software developers
• Guarantee teams' technical growth in DevSecOps and Testing approaches for large-scale cloud offerings
• Partner with the DevOps teams to optimise enterprise DevSecOps tooling and deployment methods
• Provide training and education to developers and security analysts on software security best practices in various cloud-based systems
• Recommend and evaluate security tools including static and dynamic analysers, fuzzers, security frameworks, etc.
• Identify gaps in existing security architecture and design and recommend changes or enhancements
• Partner with engineering teams to integrate security controls into continuous integration, delivery, and deployment processes.

Key Skills:

• 7+ years of cloud and security engineering experience
• Practical knowledge of DevOps, SecOps and CloudOps concepts and ways of working (one or more recognised security certifications, e.g., CCSP, SSCP, CISSP, CCSK)
• Hands-on experience of Threat Modelling, SAST, DAST, and Web application security including OWASP top 10, CWE top 25 and SANS 25
• Experience with all aspects of security regarding consumer-facing applications
• Experience with Docker, Kubernetes and Serverless
• Experience working with and securing Public Cloud (AWS, GCP, etc.), distributed and highly available systems (GCP/AWS certification a strong plus)
• Solid understanding of networking and database technologies (Postgres, MySQL, RDS, etc.)
• Clear grasp of infra-as-a-code and configuration tools, e.g.: Terraform, Ansible/Chef
• Comfortable working independently and as a team in lean DevOps cultures
• Understanding of programming languages such as Ruby, Java, Python, and PHP
• Understanding of threat modelling and risk assessment technique
• Up-to-date knowledge of cybersecurity threats, current best practices, and latest software
• Knowledge of programs such as Ansible, Puppet, Chef, Aqua, Twistlock, and Prowler
• Solid knowledge and understanding of various frameworks/regulations such as GDPR, PCI, NIST Cybersecurity Framework, ISO27001 or similar
• Experience in requirements identification, solution analysis/testing, and product selection
• Growth mindset with excellent prioritisation skills as well as excellent communication and presentation skills
• Proven experience providing customer-driven solutions, support, or service
• High level of integrity, trustworthiness, and confidence, representing the Enterprise and its leadership team with the highest level of professionalism
• Demonstrated management or leadership experience with demonstrated experience managing relationships with internal and external partners.

Compensation: Competitive Salary + Benefits

Contact:

+447502861314

Lorien Plc is acting as an Employment Agency in relation to this vacancy.