AWS Cloud Security Architect
CloudFactory, United Kingdom

Experience
1 Year
Salary
0 - 0
Job Type
Full Time Job
Job Shift
Morning Job
Job Category
Engineering
Traveling
No
Career Level
Non-Managerial
Telecommute
Remote/Online Job
Qualification
Bachelor's Degree
Total Vacancies
1 Job
Posted on
Feb 26, 2021
Last Date
Mar 26, 2021
Location(s)
United Kingdom

Job Description

CloudFactory is scaling up and growing fast, with $78 million in venture capital investment and offices on four continents. We’re looking for talented people to join us on our mission as we earn, learn, and serve our way to becoming leaders worth following.

As we continue to scale we are seeking a Cloud Security Architect with high knowledge of AWD technologies to be responsible for ensuring that all the software built and integrated by CloudFactory exhibits the appropriate security characteristics for deployment in a large-scale cloud-native architecture.

It is also their responsibility to create a culture of security-mindedness in CloudFactory’s engineering team.

Key Responsibilities:

  • Overall ownership of the protecting the platform from external security threats. Focused on high and low level application and platform security design
  • Translating regulatory and compliance into specific technical policies, patterns and requirements that can be applied by engineers to all development activities and stories. To interpret regulatory and compliance obligations to understand changes required to our platform
  • Consultant to engineers and architects when designing new components to support development teams to incorporate security best practises in code
  • Coordinate with internal InfoSec/SecOps teams with responsibility for understanding existing and emerging threat vectors, attacks and the techniques and technologies to mitigate them.
  • Liaise with external security partners with overall ownership of the process for identifying and correcting security flaws in third party products and libraries used on the platform
  • Supporting Client Technology Solutions and Sales
  • Assist the Product team in making sure security features and requirements are included in development roadmaps
  • Promoting security-related skills and mindset in Platform Engineering and establishing security-related career paths and best practices.
  • Acting as a consultant on Internet security issues to any team or department that needs
  • Creation and maintenance of best practice, policy and how-tos for the Platform Engineering team
  • Leading real-time response teams during attacks or breaches
  • Leading investigations after attacks or breaches
  • Reviewing the security status of existing technologies and architectures


Performance Objectives:

1. Assess and report on the state of CloudFactory’s existing software platform and development processes. During the first six weeks, work with all members of the Platform Engineering, Product Development and Enterprise IT teams to understand and report on the exposure (or otherwise) of CloudFactory’s existing software to security and data protection risks and how the development processes and culture have led to the current state.

2. Understand CloudFactory’s regulatory and compliance obligations. CloudFactory is a complex entity with employees, workers and clients from many different countries. CloudFactory also voluntarily submits to various compliance and certification programmes. Within two months of starting, the Principal Security Engineer will need to understand the implications of these obligations on security and data protection within the CloudFactory platform.

3. Adapt product and software development processes to embed security consciousness. Once the above objectives have been met, work closely with the Directors of Engineering and Product Development to implement changes to our development processes to ensure that requirements for data protection and security are always appropriately considered during the development process.

4. Design generic run-books and policies for security. CloudFactory follows a ‘technical policy’ driven approach to governance with policies that provide specific guidance to developers to avoid the same questions being revisited in every development story. Within three months of starting, it is expected that the Principal Security Engineer will have produced policies that engineers will be able to apply to all new software.

5. Perform and document a gap analysis. Once the above objectives are complete, re-analyse the existing CloudFactory platform and provide recommendations on how to either bring deployed software up to standard, to re-write that software or to sunset it. As part of this exercise a formal analysis of the risks CloudFactory continues to run with the platform in its current state should be produced.

6. Define security roles and career path. Once the above objectives are complete, work with the Director of Engineering to define the security related roles required by CloudFactory engineering and how CloudFactory should recruit into, or develop existing staff, into those roles.

Requirements

Essential:

Job Specification

Job Rewards and Benefits

More Jobs like this Job

Jobs in London United Kingdom
Jobs in this company

CloudFactory

Information Technology and Services - San Jose, United States
© Copyright 2004-2024 Mustakbil.com All Right Reserved.