Principal Cloud Architect (Security)
Who we're looking for
We are looking for a seasoned and highly technical cloud security architect to come and join our Information Security team and be aligned to the Enterprise Cloud function and be part of the multi-year cloud transformation program that we have embarked upon. We require someone who has in-depth experience of architecting, engineering and integrating cloud security products and cloud services, someone who has worked with cloud technology on successful, medium-large scale, cloud migrations and who has a deep understanding of cloud security best practices, industry trends, modern technologies and new ways of working.
We're a global investment manager. We help institutions, intermediaries and individuals around the world invest money to meet their goals, fulfil their ambitions, and prepare for the future. We have around 5,000 people on six continents. And we've been around for over 200 years but keep adapting as society and technology changes. What doesn't change is our commitment to helping our clients, and society, prosper.
We moved into our new HQ in the City of London in 2018. We're close to our clients, in the heart of the UK's financial centre. We offer flexible hybrid working and have facilities that include an onsite gym (a good one at that!), doctors, dentist, restaurant, coffee shop and garden balconies.
You will be part of the Enterprise Cloud team that is comprised of two functions, the Cloud Centre of Excellence covering Azure Platform SRE, AWS Platform SRE, Cloud Enablement and Cloud Architecture as well as the Cloud Business Office who cover cloud technical project management for each of the 7 Cloud workstreams namely Engineering, Migrations, FinOps, People and Training, Communications, Governance and On Premise Cost Management. You will be part of the Cloud Architecture team and provide subject matter expertise for cloud security, helping build and engineer cloud services and solutions that result in a secure cloud platform offering that integrate with the broader Schroders information security ecosystem. You will challenge the historic security processes, standards, tooling and recommend and implement new ways of working that are both fit for purpose in a modern cloud work whilst remaining secure by default. You will join a highly technical team who are solely focused on building a best in class, secure, cloud platform who are integral to a successful cloud adoption and migration programme over the coming years.
What you'll do
• Act as the subject matter expert on cloud security related matters
• Work closely with cloud architecture team to provide best in class solutions that adhere to security standards
• Identify and implement cloud security technologies and CSP services as required
• Ability to architect security in the cloud for the prevention and detection of security threats
• Challenge existing security policies to drive best in class security technologies
• Develops and maintains security policies and procedures as well as best practices documentation in relation to cloud environments
• Perform reviews and audits on cloud environments to provide suitable recommendations and remediations
• Work with wider security teams to shape architecture for multi-cloud strategy
• Document and articulate cloud driven requirements to feed into global security design strategy
• Undertake general security practices and day-to-day security operations
• Be in touch with emerging security threats, vulnerabilities and controls
• Engineer and integrate cloud security solutions & services to industry best practice with scalability, fault tolerance, highly resilient, highly secure, observability, and simplicity in mind
• Devise innovative ideas for solving hard technical security problems and translate these ideas into designs and implementation
• Work closely with development teams to help them through the cloud journey, educate teams on security best practice, evaluate, identify and implement new cloud security services
• Identify, triage, and constantly automate and evolve the platform by pushing for change that improves security, reliability, operability and developer experience
• Every week solve exciting new challenges with an amazing team and technology stack
• Employ exceptional problem-solving skills, with the ability to see and solve issues before they affect business productivity
• Engineer security solutions that are fully automated using infrastructure-as-code
The knowledge, experience and qualifications you need
• Experiences in cyber security primarily focusing in cloud security
• Diploma, degree or cyber security related qualifications
• Knowledgeable in cloud infrastructure, security architectures, and standards
• Deep technical knowledge of public cloud platform such as MS Azure and/or AWS
• Able to demonstrate clear understanding of current threats to Cloud and solutions for remediations
• Excellent understanding of service/data encryption and key management
• Able to design and implement cloud Security standards, specifications and procedures
• CSP related certifications such as AWS Certified Security and/or Azure Security Engineer
• Able to take ownership, an out-of-the box thinker with modern concepts and initiatives who likes to come out of the comfort zone with a can-do attitude.
• Good understanding across the infrastructure stack with Virtualisation, Kubernetes, Windows, Linux, environments as well as Storage, Database and Networking.
• Good understanding of modern DevOps tooling (e.g., GIT, Azure DevOps, Terraform, Azure ARM, Jenkins, Ansible, Puppet, Docker, Kubernetes)
• Understanding of PaaS, Infra-as-Code, Compliance-as-Code
• Experience with modern engineering and agile practices as well as shift left CI/CD
• Experienced with scripting and/or ideally one language, (e.g., Python, .NET, PowerShell, Nodejs, Ruby, Java)
• Proven ability to collaborate with multi-disciplinary teams across technology
• Deep understanding of broader cloud security ecosystem including Cloud Computing Technologies, business drivers and leading-edge cloud emerging technologies and trends.
The knowledge, experience and qualifications that will help
• University degree in Information Technology, Computer Science or related discipline
• IT security related certifications such as CCSP, CCSK, CISSP , CISM, SABA, OSCP will be added advantage
• Understanding Cloud Service capabilities and relative strengths (AWS, Azure, GCP, Ali)
• CSP specific certification such as Azure Security Engineer Associate or AWS Certified Security - Specialty
• Good understanding of application design patterns
• Understanding of relevant industry principles, best practices, and standards such as PCI, NIST, ISO, NCSC 14 Cloud
What you'll be like
• A passionate security technologist
• A security architect who has the hunger and desire to learn new technologies
• An advocate of cloud, cloud security, cloud adoption and cloud transformation
• Someone who embraces collaboration and change
We're looking for the best, whoever they are
Schroders is an equal opportunities employer. You're welcome here whatever your socio-economic background, race, sex, gender identity, sexual orientation, religious belief, age or disability.