Job description
Cloud Security Consultant - Outside IR35
Initial 6 Months Contract
Stott and May are seeking a highly skilled Cloud Security Consultant to join one of our Banking Clients. The role sits within the IT Security Team, with 100% assignment to projects, and is responsible for protecting the Confidentiality, Integrity, and Availability of the Bank’s information assets.
You will have:
- Demonstrable experience of successfully securing Microsoft Cloud solutions.
- Extensive understanding and implementation of the IT Security environment, policies, guidelines and standards, including awareness of ISO 27001/2.
- Educated to honours degree level and/or a relevant and recognised IT Security accreditation.
- Technical assessments of RFPs and third-party partner selection in line with OJEU or similar governance structures.
- Broad understanding of corporate IT infrastructures and technologies.
- Demonstrable experience of successfully operating within a ‘matrix’ IT Security team & bespoke project team.
- Experience of working on multiple projects simultaneously and effectively managing the competing priorities.
- Demonstrable knowledge of technical security solutions covering modern Security solutions and Tooling.
- Knowledge of standards and industry best practice for risk assessment of IT applications, particularly in a financial setting.
- Good understanding of PKI, digital certificates, and key management, in the context of IT applications as consumers of the service.
- Identity and Access Management (IAM) for critical business applications, including external third-party identity and/or privileges access may be a requirement.
- Relevant experience in the Financial Services sector.
- Ability to handle pressure and work to challenging deadlines.
- Scope of services successfully transitioned to third-party provider and knowledge transfer complete.
Technical Skills:
- Demonstrable experience of conducting security assessments and threat identification, mitigation and remediation.
- Good understanding of Defender for Cloud and its policies.
- Ability to guide projects to apply appropriate security standards and policies.
- Good technical understanding of Cloud security, security configuration, and best practices for servers, workstations, SASE technologies, SD-WAN, Firewall infrastructure, and penetration testing scoping.
- Deep technical knowledge of the following: data encryption, data leakage controls, application integration, identity and access management, certificate management, and database security.
- Excellent understanding of the Secure Application Development Lifecycle (SDLC) and the ability to advise the AppDev teams in the remediation.
- Technical experience of some of the following applications: Security auditing tools, AV, Firewalls, Proxy, SIEM, PAM.
- Ethical hacking and KQL background are advantageous.
Sound good? APPLY NOW!