Chief Information Security Officer - AWS (CISO) (DV Cleared)

This job has now expired please search on the home page to find live IT Jobs.

Our Central Government client are looking for an experienced Senior Security Architect / Chief Inforamtion Security Officer (CISO)(DV Cleared) Summary of the work Develop & document security-architecture & data-handling approach.Develop & maintain security policies and procedures.Security representation to senior stakeholders.Identify, document and manage security risks.Security input to project-planning.Conduct internal security-audits and remedial activities.Manage external security-audit (e.g.ITHC) and remedial-activities.Manage implementation of security-tooling.Ongoing skills-transfer to staff. Who you will work with

You will provide security direction & support to the current team including a broad mix of engineers, architects & specialist roles covering the full spectrum of big-data, cloud infrastructure and business analysisYou will engage with other teams, for example;Design Authority for design sign-off.Data Protection team for data governance.Security Architecture team.Stakeholder teams, e.g. data analysts & scientists.3rd party suppliers and auditors (e.g. IT Health-Check teams). What you will work on

Data ingestion from existing service, surfacing of data to users of new AWS Data Platform and data transfer to downstream systems which consume this data (e.g. Data Warehouse & RIS). Key skills and Experience Membership of a relevant professional body (e.g. BCS, CIISec).At least 10 years of broad security experience, with a relevant general security qualification (e.g. CISSP, CRISC, CISM).At least 10 years of experience in interpreting & implementing HMG security policy.At least 10 years of experience developing security architecture, with a relevant senior security architecture qualification (e.g. CCP Senior Security Architect).At least 5 years of experience in risk assessment and risk management, with a relevant risk management qualification (e.g. CCP SIRA).Demonstrate extensive experience in providing board-level representation of securityDemonstrate extensive experience in the development and implementation of security strategy, policies and proceduresDemonstrate extensive experience in provision of Security Education & Awareness Training (SEAT)Demonstrate extensive experience in security incident responseDemonstrate extensive experience of managing security within agile teams withinDemonstrate extensive experience in managing the conduct of Security IT Health Checks (ITHC) and remedial activities, ideally having led an ITHC engagementDemonstrate a solid understanding of securely handling sensitive data, including data valuation and interpretation of GDPR, DPA and other relevant legal instrumentsDemonstrate experience of managing security in the context of open-source code repositories and productsDemonstrate extensive knowledge of working with the AWS cloud platformDemonstrate extensive knowledge of AWS Identity and Access Management (IAM)Demonstrate extensive knowledge of AWS security and monitoring tools (e.g. AWS Security Hub, AWS Config, AWS CloudWatch)Demonstrate experience in the practical hands-on implementation and management of security toolsSenior membership of a relevant professional body (e.g. FBCS, FCIISec).Demonstrate experience of implementing systems of recordDemonstrate knowledge of AWS networking conceptsDemonstrate experience of using and securing AWS Key Management Service (KMS)Demonstrate experience of using and securing AWS Cloud Hardware Security Module (CloudHSM)Demonstrate experience of using and securing AWS Certificate Manager Private Certificate Authority (ACM PCA)Demonstrate experience of using and securing AWS Simple Storage Service (S3)Demonstrate experience of using and securing AWS Elastic Cloud Compute (EC2)Demonstrate experience of using open-source security tools (e.g. Snyk)Demonstrate experience of Continuous Integration and Continuous Deployment (CI/CD)Demonstrate experience of using Infrastructure as Code to provision and manage cloud infrastructure using terraformDemonstrate experience of using Git and GitHub, GitLab or BitbucketDemonstrate practical experience of configuring physical network and security tools (firewalls, switches, load balancers, etc)Demonstrate experience of managing service migration from on-premise to cloud-hosted platformsDemonstrate experience working in Data Centres Security Architect (DV Cleared), Security, Architect, Architecture, Risk, Audit, CISSP, CRISC, CISM, CPP, CPP SIRA, SEAT, Agile, ITHC, GDPR, DPA, Open-source, AWS, IAM, AWS Security Hub, AWS Config, AWS CloudWatch, AWS Key Management Service, KMS, CloudHSM, ACM PCA, S3, EC2, Snyk, CI/CD, Terraform, Git, Github, GitLab, Bitbucket, Data Centres, HMG, Central Government, Public Sector, DV Clearance, DV Cleared, Level DV, Developed Vetting, Development Vetting, Developed Vetted, Development Vetted