The following job is no longer available:
Cloud Security Specialist DevSecOps Fully Remote

Cloud Security Specialist DevSecOps Fully Remote

Posted 8 October by Reqiva Ltd
Exciting New Fully Remote role within a leading technology company, with offices throughout the UK. Working within the security team as a Cloud Security Specialist.

Working as a security specialist embedded in the DevOPS teams, you will provide in depth and practical Cloud security expertise to the rest of the DevOps and Information Security teams. They will lead in the creation of secure cloud design, configuration and operations standards, policies and procedures and they will provide security advice to colleagues in Engineering, IT and other teams.

You will be installing and configuring cloud native as well as third party cloud security tools and systems. They will be monitoring, in conjunction with our Security Analysts, the security health of our Cloud estate, as well as our external attack surface (Cloud and OnPrem), as well as producing reports and continuously recommending improvements in our security practices and controls, external and internal.

Core Responsibilities

Secure design and configuration:

- Design secure cloud infrastructures and delivery systems with objectives like speed, scalability, robustness, zero-trust, automation and supportability at the core.

- Ensure that our Cloud estate (Azure, AWS, SalesForce, etc) is configured securely according to industry standards, as well as our own.

- Provide expert Cloud security advice to DevOPS and Software Engineering colleagues.

- Do research and consultation with colleagues, as well training (including on the job) to maintain own's awareness of trends in Cloud security threats, attacks, technologies, controls and regulations.


- Monitor our Cloud estate, react to, investigate and respond to all real or perceived information security and cyber related events, issues, incidents, threat and attacks. - co-working with Security Analysts.

Action and Response:

- Work with existing teams and enterprise systems (e.g. Service Desk) and procedures to quickly assess and process the most appropriate next action when faced with various pieces of data and information concerning information security and risk.

- Determine the severity of alerts and security vulnerabilities, assess potential impacts, recommend next steps, follow through with risk treatment and mitigation.

- Escalate issues, appropriately, to various teams and levels of authority inside the organisation.

- Act as the first Point of Contact (POC) for all Cloud security events, anomalies, incidents and investigations

- If present and applicable, perform duties according to agreed SLA/OLA's.

Security and Technical Experience Required:

- Advanced understanding and demonstrable hands on experience with Cloud environments, systems and tools (e.g. Terraform) and with fundamental Internet and security technologies (routing & switching, DNS, FW, IDS, Anomaly detection), in an enterprise or service provider environment.

- Good experience securing and monitoring Cloud (IaaS/PaaS/SaaS/hybrid, containers, serverless, etc) environments (applications, infrastructure, operations, processes, etc). - minimum 3 (three) years practical cloud security experience required.

- Scripting and automation: Advanced ability to read and understand code, understand logs and alerts, to use specialist tools (Cloud native and 3rd party), as well as programming / scripting languages (Python, Shell, PowerShell, AWS Lambda, Azure Functions, PowerApps), to automate tasks, to enable security at speed and scale.
Role Profile

- Good expertise in taking policy statements and translating them into actual, implementable, security controls and templates that can be monitored, audited and constantly improved.

- Good understanding of common information security management standards, frameworks, and laws / regulations: e.g. CIS Top20, ISO/IEC 27001, NIST 800-53, BSIMM, etc; GDPR, etc.

- Experience of open source security tools and how they could be used in an enterprise.

If you are interested in this opportunity, Apply Now!

Ben Curtis - Reqiva - -

Reference: 41151106

Bank or payment details should never be provided when applying for a job. For information on how to stay safe in your job search, visit SAFERjobs.

Report this job