|Listed on:||15th May|
You will be a key member of a growing cloud security team at Dyson focused on IoT (Internet of Things) security. You will have commercial security experience under your belt including experience securing infrastructure and applications within the Amazon AWS cloud using the Amazon shared responsibility model.
You will need to work closely with various product design teams (embedded design teams, cloud architects, developers, project & release managers) to input into project non-functional and functional requirements.
You will need to maintain positive engagement and stakeholder support for IoT security to ensure it is understood and supported.
Work with security research, cloud and embedded engineers to understand and respond to threats facing the Dyson IoT cloud.
Assist with building security tooling to support pre-commit, Continuous Integration, Continuous Deployment through to production.
Support the development of security operations for monitoring, testing, audit and compliance of the Connected/IoT programme.
Assist the Infrastructure team in improving platform availability using automated protection mechanisms.
Design, coordinate and oversee security testing to verify the security of systems and cloud applications and drive the remediation of identified vulnerabilities.
Provide security risk assessment & recommendations, ensuring appropriate controls are in place to protect the business, and our customers.
Keep abreast of cloud security advisories, alerts, security trends and practices.
Ability to support the test practice to sign off functionality from a security perspective and give the go-ahead for production.
Communicate with technical and non-technical audiences at various levels, including project managers, delivery teams, wider security teams, and risk owners.
Develop and maintain strong working relationships with key IT, business, and supplier contacts.
Able to articulate threat and risk in the context of data privacy and brand reputation.
Providing pragmatic security guidelines and advice.
Contributor to enhancing development processes and tooling that highlight security issues to analysts early on in the development lifecycle.
Willing to prove out security methodologies through the production of prototype code in your chosen language.
Able to apply security principles across a wide variety of development languages
Act as an ambassador for all things security and be proactive within security communities both academic and commercial.
If you can demonstrate the following (essential)
1 years security experience
Linux or Windows system administration
Coding in any modern language
And some of these
DevSecOps approach to cloud security
Appreciation of risk
Use of encryption
OWASP, NIST frameworks
Familiarity with Agile / Scrum working practices
A passion for security
Then we're keen to speak to you!
To find out more and to apply, please click the APPLY button.