We are looking for a remote Senior Cloud Security Engineer to provide in depth and practical cloud security expertise. You will use this knowledge to implement security controls, monitor and respond to security events and incidents for our client's cloud estate (Azure, AWS, SalesForce or similar).
In this role, you will be responsible for preventing and detecting security issues, events and incidents (e.g., attacks, intrusions, misconfigurations) for our client's cloud estate. This will include recommending and implementing appropriate and proportional actions to keep our data and operations, as well as our customers' data, safe.
Main tasks to include:
- Help to securely design secure cloud infrastructures and delivery systems with objectives like speed, scalability, robustness, zero-trust, automation and supportability at the core.
- Implement and continuously improve cloud security controls.
- Complete research and consultation with colleagues, as well as training (including on the job), to maintain awareness of trends in cloud security threats, attacks, technologies, controls and regulations.
- Determine the severity of alerts and security vulnerabilities, assess potential impacts, recommend next steps, follow through with risk treatment and mitigation, in the cloud domain.
- Function as the first Point of Contact (POC) for cloud security events, anomalies, incidents and investigations, and risks - help make the core cloud engineering stronger.
- Work with existing teams and enterprise systems (e.g., Service Desk) and procedures to quickly assess and process the most appropriate next action when faced with various pieces of data and information concerning information security and risk.
You will have a 'can do' attitude with the ability to perform a wide variety of complex technical, operational and/or project activities. You will show initiative, be humble, helpful, and collaborative.
You will also need:
- Advanced understanding and demonstrable hands-on experience with cloud environments, systems and tools (e.g., underlying cloud provider IaC technologies (e.g., ARM templates or CloudFormation), Terraform or similar) and with fundamental Internet and security technologies (routing & switching, DNS, FW, IDS, Anomaly detection), in an enterprise or service provider environment.
- Excellent and in-depth experience in securing and monitoring Cloud (IaaS/PaaS/SaaS/hybrid, CI/CD, containers & serverless including Azure Functions, PowerApps, Azure Logic Apps, AWS Lambda) environments (applications, infrastructure, operations, processes).
- Ability to read, understand and create code, understand logs and alerts, to use specialist tools (Cloud native and third party), as well as programming / scripting languages (e.g., Python, Shell, PowerShell) to automate tasks, to enable security at speed and scale.
- Ability to provide in depth and practical cloud security expertise to other teams, to recommend and implement appropriate and proportional controls to keep our platforms, data and operations, as well as customers' data, safe.
- Good written and verbal communication, analysis and collaborative skills.
- Poise and ability to act calmly and competently in high-pressure situations (e.g., during an incident).
The role is offered as a remote / home-based position and comes with an excellent salary and benefits package.
Please note that due to a high level of applications, we can only respond to applicants whose skills and qualifications are suitable for this position.
No terminology in this advert is intended to discriminate against any of the protected characteristics that fall under the Equality Act 2010.
Bowerford Associates Ltd is acting as an Employment Agency in relation to this vacancy.