Cloud Security Consultant – Outside IR35

Posted 24 June 2024
Salary Competitive
Job type Contract
Discipline Cyber Security
Contact NameJamie Stewart
Remote working Hybrid/Flexible

Job description

Cloud Security Consultant - Outside IR35

Initial 6 Months Contract

Stott and May are seeking a highly skilled Cloud Security Consultant to join one of our Banking Clients. The role sits within the IT Security Team, with 100% assignment to projects, and is responsible for protecting the Confidentiality, Integrity, and Availability of the Bank’s information assets.

You will have:

  • Demonstrable experience of successfully securing Microsoft Cloud solutions.
  • Extensive understanding and implementation of the IT Security environment, policies, guidelines and standards, including awareness of ISO 27001/2.
  • Educated to honours degree level and/or a relevant and recognised IT Security accreditation.
  • Technical assessments of RFPs and third-party partner selection in line with OJEU or similar governance structures.
  • Broad understanding of corporate IT infrastructures and technologies.
  • Demonstrable experience of successfully operating within a ‘matrix’ IT Security team & bespoke project team.
  • Experience of working on multiple projects simultaneously and effectively managing the competing priorities.
  • Demonstrable knowledge of technical security solutions covering modern Security solutions and Tooling.
  • Knowledge of standards and industry best practice for risk assessment of IT applications, particularly in a financial setting.
  • Good understanding of PKI, digital certificates, and key management, in the context of IT applications as consumers of the service.
  • Identity and Access Management (IAM) for critical business applications, including external third-party identity and/or privileges access may be a requirement.
  • Relevant experience in the Financial Services sector.
  • Ability to handle pressure and work to challenging deadlines.
  • Scope of services successfully transitioned to third-party provider and knowledge transfer complete.

Technical Skills:

  • Demonstrable experience of conducting security assessments and threat identification, mitigation and remediation.
  • Good understanding of Defender for Cloud and its policies.
  • Ability to guide projects to apply appropriate security standards and policies.
  • Good technical understanding of Cloud security, security configuration, and best practices for servers, workstations, SASE technologies, SD-WAN, Firewall infrastructure, and penetration testing scoping.
  • Deep technical knowledge of the following: data encryption, data leakage controls, application integration, identity and access management, certificate management, and database security.
  • Excellent understanding of the Secure Application Development Lifecycle (SDLC) and the ability to advise the AppDev teams in the remediation.
  • Technical experience of some of the following applications: Security auditing tools, AV, Firewalls, Proxy, SIEM, PAM.
  • Ethical hacking and KQL background are advantageous.

Sound good? APPLY NOW!