Security Specialist - Cloud and Container Security
About Standard Chartered
We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.
To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.
We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.
Security Technology Services (STS) is a critical function within Standard Chartered Bank operating under the overall purview of "Technology Services" .
The STS team is made up of cyber security thought leaders, who are accountable for the provision of a global set of cyber security services and products in order to maintain and continuously improve Bank's cyber security posture in today's ever evolving cyber security landscape.
The STS team protect the Bank from cyber security threats by delivering effective information security technology services, managing and responding to security incidents to ensure, and support the continuity and growth of Bank's business operations; and meet the both internal and external stakeholders' expectations across 70+ countries and territories, in which SCB operates.
The responsibilities include the following:
• Work very closely with Cloud Teams to design and deploy IaaS / PaaS / SaaS for Public Cloud infrastructure (AWS & Azure)
• Working very closely with application teams to ensure security on their application infrastructure
• Implement Azure Cloud Security solution using the industry leading products or Cloud native tools
• Design and implement in conjunction with the Cloud Infrastructure teams, a sustainable agile framework for service deployment on cloud infrastructure
• Acting as the interface between Container Infrastructure and STS Applications & Infrastructure Vulnerability Management teams and other core STS teams as and when required
• Ensure cloud infrastructure being provisioned including ongoing changes are assessed in a timely manner and meet security compliance and vulnerability management requirements
• Provide technical advice and support on security remediation to infrastructure support teams
• Review findings from and Identify root causes for common issues and provide recommendations for sustainable improvements
• Ensure end-to-end security related root cause analysis remediation for security related issues is carried out in a way that meets business and technology requirements
• Ownership of any security related risk mitigation and service improvement plans
• Demonstrates the required ethos for continuous security service improvement
• Be a team player & lead creative initiatives to enhance the capability of the overall Cloud Infrastructure service
• To ensure that existing and new systems conform to SCB security policies standards including any relevant regulatory requirements
• To maintain an expert knowledge within the team of technology and industry trends in relation to business requirements, and the direction of the Group
• Head, Cloud Infrastructure Services
• Head, Infrastructure Engineering
• Services Domain Heads within Security Technology Services
• Other relevant functions with Technology Services (Infrastructure Services, Networks etc.)
COMPETENCIES (KNOWLEDGE & SKILLS):
• Bachelor Degree in Engineering, Computer Science/Information Technology or its equivalent.
• Industry certifications will be a plus e.g. CISSP, CCNA Security, CCIE, CCNP Security, Azure & AWS related certifications, SANS certifications
• Between 6 - 10 years of in-depth, hands-on working knowledge in Security assurance, technologies and Operational experience in a global environment.
• Good understanding and Implementation experience on Public Cloud Technolgies like AWS & Azure
• 3+ years experience in cloud security and a good understanding of DevSecOps principles
• Good working knowledge in:
o Scripting with a popular modern language utilized by above tools (Java, Python, Ruby, Terraform, Cloud formation etc)
o Container implementation (OpenShift, Docker, Kubernetes)
o Infrastructure as code product (Terraform, Cloud Formation, Bosch)
• Working experience and expertise in Continuous Integration / Continuous Deployment practise, tooling, and techniques, particularly evidence of leading organisational and cultural change to adopt CI/CD practises (Jira, Confluence, BitBucket, git; Jenkins, Artifactory, Terraform, Packer, Rundeck, Ansible, AWS, ELK, AppDynamics)
• Appreciation and understanding of server virtualisation, containers and hyperconvergence
• Experience in working APIs in cloud orchestration layer
• Agile development methodologies such as Scrum & Kanban is highly desired
• Experience supporting security in a DevOps environment
• Experience in working with cross-border teams, preferably in the Financial Services industry.
• Fundamental skills of Task prioritization, Time management, Customer focus.
• Proven ability to manage diverse stakeholder expectations.
• Excellent oral/written communication skills for articulating thoughts clearly with stakeholders ranging from engineers to senior business management.
Apply now to join the Bank for those with big career ambitions.
To view information on our benefits including our flexible working please visit our career pages .