CAREERS

Effective cloud security infrastructure enables us to scale our fast moving and successful business into the public cloud. In this role you will design and implement robust cloud security controls and processes that empower our business to be productive in the evolving threat landscape. We are looking for a confident, experienced and pragmatic individual to join our global infosec team and to focus on securing our cloud (primarily AWS). This role requires hands-on experience with cloud providers, familiarity with DevOps practices and proficiency in enabling teams of developers to deploy and run applications on reliable platforms.

The ideal candidate enjoys solving complex problems, is an effective communicator capable of interfacing with a range of stakeholders and is experienced in delivering solutions using their technical proficiency. You are passionate about learning, keen to find opportunities to cross-train and willing to participate in the broad range of projects that our small security engineering team encounter. You advocate for quality, reliability, and take pride in the solutions you build.

MAIN DUTIES/RESPONSIBILITIES OF THE ROLE:

• Design, implement and evangelise secure defaults for our internal users, including IAM, SCPs, Secrets Management, Logging, Monitoring
• Document cloud infrastructure designs, patterns and configurations so they can be effectively adopted
• Partner with Cloud, Technology and Development teams to implement and maintain secure configurations, guardrails and alerts for our cloud environments
• Deliver using efficient, reliable and scalable methods including automation, testing and monitoring
• Collaborate across the business to remediate security issues and risks
• Lead and coordinate response to security incidents, investigations and alerts

WORK EXPERIENCE/BACKGROUND:

Essential

• 5+ years professional experience in securing one or more public cloud environments (AWS preferred)
• Proficient in using infra-as-code to reliably scale and automate the management of cloud services
• Hands-on experience with scripting and at least one programming language, e.g. Java, Golang, Python etc
• Experience working in a software delivery lifecycle, GitOps, CI/CD tooling
• Proactive, team-orientated attitude with a strong emphasis on collaboration and continuous learning

Desirable

• Familiarity with integrating security into the developer SDLC, through scanning, posture management and guardrails
• Familiarity with cloud security standards and frameworks for assessing compliance, maturity and effectiveness
• Experience automating testing and monitoring effectiveness of cloud controls using AWS Config, Lambda or equivalent open source/vendor tooling
• Proficient in navigating dynamic, fast paced and complex environments