Role Summary Our client are seeking a passionate cloud security technologist to join and help build our rapidly expanding Hybrid Cloud Security Consulting & Delivery team. You will be a key member of cloud security engineering teams assigned to client engagements to deliver cloud security solutions needed to support complex cloud-based applications. You will serve as a cloud security specialist and consultant to provide technical guidance and expertise on cloud security architecture and engineering best practices.
- Key member of cloud security engineering teams delivering hybrid cloud infrastructure solutions on client engagements and internal projects whilst supporting the team to steer solution design.
- Provide thought leadership by authoring technical and opinionated blogs, articles, and whitepapers.
- Maintain awareness of emerging security technologies and evaluate suitability to improve client solution or bolster offerings.
- Balance best of breed technical implementation with the commercial schedule and work within budget imperatives
- Influence, engage and develop relationships with internal and client technical teams.
- Promote our services and identify client opportunities.
- Support preparation of client RFP/RFI responses and client proposals
- Support preparation and deliver presentations/workshops/demos of cloud security offerings for client pre-sales meetings and industry events such as Google Next or AWS reinvent.
- Prepare and present at community events such as Meetups and internal seminars.
- Mentor junior engineers and peers
- Maintain and expand deep cloud knowledge, industry trends, and best practices.
Competencies and Skills Needed
- Certified in one or more cloud platforms: Google Cloud - Security specialisations preferred.
- Certified in one or more security neutral certifications. CISSP, CCSP, GIAC preferred
- Experience hardening and assessing cloud resources following cloud vendor and neutral security frameworks and guidance such as CIS Benchmark or OWASP.
- Practical knowledge securing cloud foundation services such as compute, network, storage, databases as well as build, deployment, and operations services.
- Experience architecting and enabling cloud security services for hybrid cloud environments including IAM, account/resource access policies, key management, firewall rules and monitoring alerts.
- Applied knowledge of DevSecOps principles and automated security testing techniques and tools.
- Applied knowledge of advanced security products for threat detection & intelligence, cloud workload protection and SIEM integration.
- Familiarity with container and Kubernetes security and conceptual understanding with multi-tenant architectures using service mesh (Istio, Consul)
- Conceptual understanding of:
- Adversary and intrusion techniques. Experience with threat modelling resources such as MITRE ATT&CK
- Modern application architectures and cloud platforms
- Cloud-native secret management and encryption engine solutions
- An ability to apply structured thinking, simplifying complex problems into component parts, to the resolution of project challenges.
- Effective communication and interpersonal skills to be able to establish rapport with people at all levels.
- An eye for detail and accuracy, and an affinity with design issues and the ability to help establish and own a vision for our solutions.
- Organizational ability and tenacity; able to think ahead to establish an efficient and appropriate course of action for self and others.
- Take a proactive approach to work, good with handling uncertainty and can manage their work without close supervision.
- A strong sense of ownership and a desire to deliver quality outcomes for the business.