Location
Swindon | United Kingdom
Job description
Role: IT Security Consultant
Location: Swindon
Duration: 9 Months
Day rate: £650 outside IR35
Role Description:
As an IT Security Consultant, your role will be to work within our clients agile DevOps team in a hands-on capacity to deliver security requirements from a companywide initiative based on the NIST framework.
You will be working across 3 existing squads, and your interaction will include:
- Information gathering and upskilling on our existing application landscape to enable you to complete the implementation of tasks
- Working directly with team members to cross skill the team whilst delivering the requirements.
- This is a hands-on role that requires a blend of Developer/Tester/Consultant, with a strong focus on security, AWS, and C#, and infrastructure as code e.g. Terraform.
Example activities that would be asked of the successful candidate include but are not limited to:
- Educate, conduct, and support threat modelling exercises.
- Learning about our systems; writing cyber-attack recover plans and executing the plans.
- Implementing modern authentication and identity and access standards.
- Integrating automated code scanning tools into our CI pipelines.
- Making security conscious code changes in line with our security requirements and centrally driven policies.
- Implement various logging capabilities and monitoring metrics in AWS.
- Facilitating the onboarding of our applications into a central SIEM solution.
Essential skills and experience:
- Implementation of secure infrastructure for our AWS-centric cloud application portfolio and digital/data platforms.
- Application security architecture, Identity and Access Management and IT Security control design and their implementation.
- Implementation of appropriate security tools and services for the application portfolio and their S-SDLC processes, including the consideration of best practices.
- Engaging with our IT Security related forums and workgroups as well as Infrastructure and Cyber Security teams as required.
- Help building-up our internal capabilities in cloud and application security and guide the squads through upskilling activities.
- In addition to your security expertise, you should be comfortable developing and delivering solutions with C#, AWS, and Terraform.
- Experience with Threat Modelling; able to champion this as an approach and can introduce this to team members.
- Demonstratable experience in the implementation of secure applications in the AWS cloud, including cloud-native solutions.
- Demonstratable experience on working with a S-SDLC from secure design all the way to secure release and operations.
- Practical and theoretical understanding of DevSecOps and Secure CI/CD for technology stacks including Containers, IaC, SAST/DAST/IAST, Vulnerability Management etc.
- Knowledge of Identity and Access Management, including Privileged Access Management, Modern Authentication and Single Sign-On (SSO), preferably around Azure AD.
- Relevant AWS certifications in the domains Architecture and Security, e.g. SAA-C03, SAP-C01, SCS-C01 are advantageous but not essential.
- Team spirit and intercultural competency, strong communication as well as time- and self-management skills to collaborate with various stakeholders and work in and with different (business, domain, regional) cultures.
- Excellent language skills in English.
#J-18808-Ljbffr
Job tags
Salary
