Cloud IT Security Engineering Specialist

My client, a major Financial Services institution based in London, is looking for a Cloud Security Engineer Specialist to join their growing team.

About the Cloud Security Engineer Role:

The Cloud Security Engineer role is responsible for the delivery of security-related activities and maintenance and enhancements of security solutions to improve the security posture of the firm. This individual will interact with the IT Security Architecture Team, IT Security Operations Team, Project Management Teams, global IT Teams, and outsourcing partners to deliver solutions that enhance the security program for my client.

Essential Function / Major Duties and Job Responsibilities

• Strategic: As part of the Security Engineering team, develop and implement my client's security strategy in consultation with my client's IT teams, ensuring that all initiatives are mirrored in respective strategies including the overall client Strategy. Provide security advice and support for information technology projects. Research new security-related products and services to ensure that my client is equipped with appropriate industry best-of-breed tools and solutions.
• Operational: Facilitate definition, monitoring, and enforcement of secure configurations for on-premise infrastructure and applications and cloud-based environments, such as SaaS, IaaS, and PaaS. Operate and maintain my client's Security controls related to configuration compliance. Review and help refine Security procedures to ensure compliance with cyber resilience requirements. Be responsible when assigned ownership of Security-related Regulatory and Internal Audit finding(s) and provide effective/timely resolution. Design and integrate consistent security solutions across my client's on-premises and cloud environments. Oversee design principles and controls relating to third-party solution providers.
• Leadership: Work as a team member and individual contributor being able to work independently and confidently without direct supervision. Through example and behaviour, strive to provide peer leadership to other team members with the goal of being excellent service providers and enablers to other constituencies (both internal and external). Strong communication (verbal and written) skills to engage with technical and non-technical audiences. Ability to clarify technical detail and confidently communicate business risks to senior management. Execute my Security Engineering team’s vision and mission in alignment with the overall Security vision and mission, as well as my client's strategic direction as it pertains to cyber resilience.

Experience / Essential and Desired for Successful Job Performance:

• A minimum of 5 years of information security experience with at least 2 years in cloud security.
• Knowledge of hardening standards such as CIS benchmarks, STIGs, and NSA/CISA configuration baselines.
• Knowledge of the following: firewalls, switches, routers, application servers, web servers, databases, operating systems.
• Sound knowledge of enterprise security concepts/frameworks and products, secure design principles, and patterns.
• Monitor, tune, and develop technical my client's Security controls and frameworks to ensure appropriate preparation, monitoring, and response to threats.
• Ability to collaborate effectively with others to drive forward key security objectives.
• Strong documentation and report writing skills (to both technical and business audiences).
• Excellent time management and organizational skills combined with technical my Security acumen.
• Financial and/or Banking industry experience preferred.

Qualifications / Certifications:

• B.S. in a technology discipline (Computer Science, Information Management, Computer Engineering, Cybersecurity or equivalent) or Security Certifications such as CISSP, SANS GIAC GSEC, GCED, GCIA, GCIH, GREM; or Cisco CCNA, CCNP; or equivalent.
• Industry recognized cloud security qualifications (e.g. CCSK, CCSP, AWS Security Fundamentals, AWS Certified Security).
• Working knowledge of the following frameworks and regulations: ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, and FFIEC handbook.

If the above is of interest please apply to this role or call me on 0207 509 8040 to find out more.