Cloud Security Engineer in Leeds

We have an exciting opportunity for a Cloud Security Engineer to join our innovative team. This role is dedicated primarily to establishing and supporting security standards and solutions for Avnet’s cloud services. As a member of Avnet’s Global Cybersecurity & Compliance (GC&C) team, you will support Avnet’s Azure environment, as well as other cloud service providers by identifying, developing, documenting, and communicating cloud security governance, controls, policies, standards, and best practices.

What's in it for you?

• A supportive team environment where everyone really is working toward the same goal.
• A strong open-door policy within management.
• An environment where you will be given the tools and opportunities to further your career.
• Pension scheme.
• Healthcare Cash Plan.
• 25 days holiday plus bank holidays.
• Onsite Parking.
• Flexible home working.
• Cycle to work Scheme.
• Reward schemes.

What you will be doing:

• Research cloud computing and related security technologies, capabilities, and products.
• Configure, deploy, and support the GCC team’s enterprise cloud security tools.
• Identify and assess security gaps in cloud services and recommend appropriate solutions.
• Work with IaaS, PaaS, and SaaS owners, administrators, and developers, assisting with their development and implementation of cloud security controls and remediation of vulnerable cloud resources.
• Provide consulting and formal reviews as needed for cloud initiatives and projects.
• Guide project teams, developers, and administrators in the execution of cloud services to adhere to industry best practices for security and align with Avnet’s risk appetite and compliance requirements.
• Work closely with Security Operations to ensure adequate visibility and monitoring of security events and alerts, support for vulnerability management and incident response, and collaborate to evaluate threats relevant to cloud workloads and data.
• Understand business goals and needs to provide a balanced security investment.

What we are looking for:

• Extensive work experience gained in a similar role with a relevant Bachelor’s degree.
• Deep technical knowledge of Azure and strong understanding of SaaS and application workload security in the context of cloud services.
• Strong knowledge of Linux, Windows, networking, storage, containerization, encryption, API security, auditing, access control and authentication - Azure RBAC, Azure AD, SAML/OATH/LDAP.
• Understanding of DevSecOps and infrastructure as code (IaC).
• Ability to automate tasks through scripting (Powershell, Python, or equivalent).
• Experience designing, testing, building, deploying, and supporting security tools and secure solutions.
• Knowledge of industry best practices and disciplines to be the subject matter expert within the organization and contribute to the development of new concepts, techniques and standards.
• Ability to develop solutions to highly complex and uniquely challenging situations by extensive evaluation of alternatives and variables.
• Working to make ongoing improvements to policies and procedures.
• Serve as consultant to management and an internal/external spokesperson for the organization on major initiatives related to policies, plans and long-term objectives.
• Excellent communication, collaboration, and interpersonal skills.
• Ability to act as an informal team lead or coach less experienced team members.

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills.