At a Glance
- Tasks: Administer and optimise cloud security platforms while ensuring risk reduction across multi-cloud environments.
- Company: Join a leading insurance company focused on innovative cloud security solutions.
- Benefits: Competitive salary, flexible working options, and opportunities for professional growth.
- Other info: Dynamic team environment with excellent career advancement opportunities.
- Why this job: Make a real impact in cloud security and work with cutting-edge technologies.
- Qualifications: Experience in cloud security and strong problem-solving skills required.
The predicted salary is between 36000 - 60000 £ per year.
Location: Norwich
Mandatory Skills: Cloud Security Posture Management.
The Cloud Security (Wiz Admin) is responsible for administering, operating, and optimising Aviva’s Wiz Cloud Security Posture Management (CSPM/CNAPP) platform. This role ensures continuous visibility, governance, and risk reduction across Aviva’s multi‑cloud environments (AWS, Azure, GCP). The administrator will drive operational excellence, support engineering teams, integrate Wiz into enterprise tooling, and maintain policy compliance and posture improvement.
Key Responsibilities
- Platform Administration & Operations
- Own day‑to‑day administration of the Wiz platform across all cloud environments.
- Maintain Wiz connectors, least‑privilege roles, integration points, and scanning configurations.
- Ensure onboarding/offboarding of cloud accounts, subscriptions, and K8s clusters.
- Monitor platform health, ingestion coverage, API integrations, and license utilisation.
- Review, tune, and maintain security policies, controls, and baselines (e.g., CIS, NIST, ISO).
- Validate and enhance attack path analysis, identity risk detection, and data exposure mapping.
- Partner with Cloud Platform teams to ensure guardrails remain aligned with Wiz detections.
- Work with DevOps/SRE teams to embed Wiz in CI/CD pipelines for IaC scanning.
- Run onboarding sessions for teams on using Wiz Issues, Projects, and Policy‑as‑Code.
- Validate false positives/negatives and fine‑tune policy gates for Terraform, ARM/Bicep, and CloudFormation.
- Support Cloud Security, SOC, and IR teams during investigations involving publicly exposed, exploitable, or high‑risk cloud assets.
- Provide expert analysis on Wiz findings and attack paths; propose remediation and compensating controls.
- Integrations & Automation
- Maintain integrations with Jira/ADO, SIEM/SOAR, Slack/Teams, and CMDB/GRC.
- Automate workflows for enrichment, prioritisation, ticketing, and reporting.
- Partner with Engineering to build auto‑remediation playbooks for safe‑to‑fix classes (e.g., public S3, permissive IAM).
- Governance, Reporting & Compliance
- Produce monthly security posture reports for leadership and Risk/Compliance teams.
- Support external and internal audit requests using Wiz’s evidence and compliance modules.
- Manage exceptions/waivers and ensure they are reviewed and retired on schedule.
Core Technical Skills
- Strong understanding of AWS, Azure, and GCP security controls and architecture.
- Hands‑on experience with cloud IAM, network security, logging/monitoring, and workload security.
- Familiarity with Kubernetes security and container image scanning.
- Experience operating cloud security platforms (Wiz preferred; alternatives: Prisma, Lacework, Defender for Cloud).
- Working knowledge of Infrastructure‑as‑Code (Terraform strongly preferred).
- Understanding of identity and entitlements management (CIEM).
- Ability to analyse cloud attack paths and map misconfigurations to real exploitable risk.
Nice‑to‑Have Skills
- Experience integrating security tools into CI/CD pipelines (Azure DevOps, GitHub, GitLab).
- Knowledge of SAST/DAST/Secret scanning tools.
- Exposure to SRE or Cloud Platform engineering.
Soft Skills
- Strong communication skills—able to simplify complex findings for engineering teams.
- Problem‑solving mindset with a bias for automation and scalability.
- Ability to work cross‑functionally with Security, Cloud Platform, DevOps, Risk, and Audit.
- Comfortable with influencing teams without formal authority.
Cyber Security Analyst L4 in Norwich employer: Test Triangle Ltd
Aviva is an exceptional employer, offering a dynamic work culture in Norwich that fosters innovation and collaboration among its teams. As a Cyber Security Analyst, you will benefit from continuous professional development opportunities, a commitment to employee well-being, and the chance to work with cutting-edge cloud security technologies. Join us to make a meaningful impact in safeguarding our multi-cloud environments while enjoying a supportive and inclusive workplace.
StudySmarter Expert Advice🤫
We think this is how you could land Cyber Security Analyst L4 in Norwich
✨Tip Number 1
Network like a pro! Get out there and connect with folks in the cyber security field. Attend meetups, webinars, or even local events. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Show off your skills! Create a portfolio or GitHub repository showcasing your projects, especially those related to cloud security and automation. This gives potential employers a taste of what you can do and sets you apart from the crowd.
✨Tip Number 3
Prepare for interviews by brushing up on common questions and scenarios specific to cloud security. Practice explaining complex concepts in simple terms, as communication is key in this role. We want to see how you can simplify findings for engineering teams!
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, we love seeing candidates who are proactive about their job search. So, get that application in and let’s get you on board!
We think you need these skills to ace Cyber Security Analyst L4 in Norwich
Some tips for your application 🫡
Tailor Your CV:Make sure your CV is tailored to the Cyber Security Analyst role. Highlight your experience with cloud security, especially with platforms like Wiz, and any relevant certifications. We want to see how your skills match what we're looking for!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you're passionate about cloud security and how your background makes you a great fit for our team. Keep it concise but impactful—show us your personality!
Showcase Relevant Projects:If you've worked on any projects related to cloud security or automation, make sure to mention them. We love seeing practical examples of your work, especially if they involve tools like Terraform or CI/CD pipelines. It helps us understand your hands-on experience!
Apply Through Our Website:We encourage you to apply directly through our website. It’s the best way to ensure your application gets into the right hands. Plus, it shows us you're keen on joining our team at StudySmarter!
How to prepare for a job interview at Test Triangle Ltd
✨Know Your Cloud Security Inside Out
Make sure you brush up on your knowledge of AWS, Azure, and GCP security controls. Be ready to discuss how you've managed cloud security platforms like Wiz or similar tools, and be prepared to share specific examples of how you've improved security posture in previous roles.
✨Demonstrate Your Problem-Solving Skills
Prepare to showcase your problem-solving mindset by discussing past challenges you've faced in cloud security. Think of scenarios where you automated processes or improved workflows, especially in CI/CD pipelines. This will highlight your ability to think critically and act decisively.
✨Communicate Clearly and Effectively
Since strong communication skills are essential for this role, practice explaining complex security concepts in simple terms. You might be asked to present findings or collaborate with engineering teams, so being able to convey your ideas clearly will set you apart.
✨Familiarise Yourself with Compliance Standards
Get comfortable with compliance frameworks like CIS, NIST, and ISO. Be ready to discuss how you've maintained policy compliance in the past and how you would approach governance and reporting in this new role. Showing that you understand the importance of compliance will demonstrate your readiness for the position.