Description
Our client is looking for a CloudStore Security Architect to deliver up to 30 Security user stories for the cloudstore programme in support of the Cancun release, encompassing:
- the definition of cloud security policy
- security design for cloud providers such as Amazon, openstack and Azure,
- implement control frameworks and work to influence/support/centralise security functions across our client's company to enable the delivery of Cloudstore.
Responsibility:
- To define and deliver a definitive security policy, design and architecture for all cloud services at our clients site.
- Evaluate and advise on control tooling to meet agreed security requirements in the defined policy, for example WAF rule sets
- To define and deliver a local market on boarding framework to manage the security deltas between local markets and group functions
- Evangelise and educate existing clients security functions such as architecture, assurance and delivery on the how cloud security works, how it is different from existing approaches.
- To take an active role in leading the cloudstore programme across the company by representing security requirements and delivery, working with senior stakeholders to mitigate concern with cloud security
- To drive the transformation to a cloud based security model across traditional operational areas within the company.
- Define and create future user stories to enable the industrialisation of cloudstore and local market on boarding in line with the targets set to the cloudstore program
- Review current network designs for openstack and Amazon to assure they are fit for purpose from a security perspective, create a similar design for Azure and gain sign off
- Work to get sign off of the clients cloudstore tool set, including but limited to; Active Directory/single sign on, cliqr security testing, service now security testing
- Define requirements for a security dashboard in cloudstore, establish what information should be displayed, what should be available via a report and what data is required in the event of a security incident
- Define and enable sign off on end to end audit functionality required in cloud store for security functions to support pre-approval workfows that mange the deployment of applications to cloud providers.