Cloud Security Engineer
Cloud Operations Manager
Dependant upon experience
Centrality offices (Arran Park, Chapel Road, Meppershall, Bedfordshire, SG17 5NQ)
40 hours per week (some out of hours work may be required)
This role will be responsible for setting up and managing a new Security Operations Centre (Managed SOC), which is a 24 x 7 service provided by Centrality that allows customers to outsource responsibility for monitoring, threat hunting and responding to security threats once they are discovered.
- Design and develop security architectures for our Database-as-a-Service offering and cloud systems.
- Conduct periodic security assessments, audits and architecture reviews in order to introduce new controls in the cloud platform and improve the overall security posture.
- Collaborate with product engineers to design, build and optimise advanced detective and preventive security controls, including automated responses.
- Contribute to the security of our CI/CD pipelines and the automation of our DevSecOps processes (sSDLC).
- Act as a subject matter expert specifically focused on cloud security, automation, and monitoring technologies.
Skills and Experience
- Extensive hands on experience and in-depth knowledge in Azure cloud platforms is essential.
- Proven cloud security architecture knowledge and expertise.
- Experience of reviewing and designing the security of complex application and technology architectures in the cloud as part of digital transformation and cloud migration projects.
- Strong knowledge of cloud identity and access management controls, tools and technologies.
- Experience of analysing cloud security risks and threats, performing cloud security audits and assessments and recommending cloud security controls.
- Experience of implementing cloud vendor security hardening practices.
- Exposure to cloud security monitoring including tooling, log collection and log analysis.
Key Skills and Knowledge
- Working knowledge of key cloud security standards such as NIST, CIS, NCSC and ISO.
- Clear, concise and articulate written and verbal communication, when presenting and explaining results and findings.
- Ability to manage stakeholder expectations including senior-level relationships.
- Able to work independently with minimal supervision and integrate well into teams.
- Demonstrate a strong ability to learn and share knowledge.
- Accuracy and attention to detail.
- Appropriate cloud and industry qualifications and certifications such as CCSP, CISSP
- Microsoft Certified Azure Administrator (AZ-104) (desirable)
- Microsoft Security Operations Analyst(SC-200) (desirable)
- Microsoft Certified Azure Security Engineer Associate(AZ-500) (desirable)
- Training will be given
- Valid driving license
- Own means of transport