Senior Information Security Consultant - DevOps, Cloud, AWS

North Holland - Onsite
This project has been archived and is not accepting more applications.

Description

Principal Cloud Security Consultant

Contract

Amsterdam, NL

At Paratus People, we're seeking a highly technical cloud computing security expert for whom DevOps automation is second nature, to work on enabling a secure foundation for hosting critical workloads in our client's Multi-Cloud Platforms.

As a member of our client's Security division you will enable the team in its goals of embracing cloud-based technologies across multiple providers (AWS, Azure, AliCloud) supporting differing service categories (IaaS, SaaS, PaaS). The IT Security team requires security-skilled staff to support the demands of the business and to care for our customer base.

While you must be able to communicate effectively with our customers to help them understand security issues and solutions as well as continuous delivery/Cloud concepts, this is very much a "hands-on" role.

You will be expected to be at home creating automated solutions with CloudFormation, Ansible, Jenkins and other DevOps tools. While effective and articulate communication is essential, being able to breathe life into those ideas with code is equally critical. You will be expected to evolve and strengthen the DevSecOps discipline with "Security as Code", implementing code-based preventive, detective and reactive controls in the Public Cloud to ensure compliance with policies. You will develop security automation and APIs in the Public Cloud across the key pillars of security, for instance IAM, CICD Security, Security Logging, Incident Response, Data Protection, Compliance Validation, Security Analytics, Vulnerability Management, and Platform and Application Threat Modelling.

  • Become proficient with corporate and industry security requirements
  • Act as an advocate of information security policies, standards and as a mechanism to enable the business effectively while managing risk appropriately
  • Manage cloud security vendor products (e.g. Evident.io, Dome9, Redlock.io) for responsible IT portfolios
  • Manage addition/deletion of cloud accounts, ensuring continuous monitoring
  • User administration
  • Signature management and tuning
  • Assist customers with solution integration features
  • Manage vendor(s) to meet the needs of the business
  • Produce scorecards and related metrics
  • Gain deep security-level knowledge of cloud environments, continuous monitoring solutions to understand and explain security risks and mitigation techniques.
  • Stay current on cloud security policies, standards, regulations, and best practices
  • Represent the Security team with various stakeholders including App Development, Compliance, Legal, Cloud Engineering to gather requirements, negotiate acceptance of security controls, and influence stakeholders to adopt security controls.
  • Engage with all levels of leadership to gather requirements, build appropriate cloud security technology roadmaps and implementation plans.
  • Engage with Application Development teams to collect feedback and requirements and drive enhancements to code and automation. Guide the application teams as required to adopt the security code-based controls.
  • Maintain strong awareness of events in the external community to identify threats and opportunities for enhancement. Apply those learnings to design and implement solutions.
  • Provide technical mentoring and guide development of other developers in the team.
  • Groups, WAF, Logging and Monitoring, Remediation, Identity and Access Management
  • Develop Threat Models and Perform Security Health Checks in the Public Cloud environment and develop code to address threats and recurring issues.
  • Evaluate, Test, Implement and support third party Cloud ecosystem tools. Examples include Dome 9 - Network Security, TwistLock - Container Security, Cloud Custodian - Compliance, Evident.IO - Compliance
  • Adopt and evangelize Agile practices and tools such as JIRA to deliver iterative working software.

Skills Required:

  • Strong experience in Security or Information Technology.
  • Good experience with AWS/Azure Public Cloud.

Desirable Skills:

  • Strong experience in Security, Compliance and risk management, including privacy, controls
  • CISSP Certification or willingness to obtain this quickly.
  • Cloud Computing
  • Familiarity with Infrastructure and Platform Services such as IAM, compute (e.g. EC2, GCE), AWS Key Management Service, storage (volume/object) etc.
  • Knowledge of native cloud security services (AWS Trusted Advisor, Amazon Inspector)
  • Understanding of monitoring tools such as AWS CloudWatch, Splunk etc.
  • Awareness of Management Services such as AWS CloudWatch, AWS Lambda and AWS Config
  • Security Compliance Skills
  • Familiarity with cloud security frameworks (CSA, NIST, ISO, CIS etc.)
  • Technical skills to identify and assess cloud security vulnerabilities and risks
  • Expertise in researching & evaluating identified vulnerabilities and the risks posed to the organization's information and systems
  • Produce and provide appropriate reporting to stakeholders (owners)
  • Cloud Security Continuous Monitoring Solutions
  • Demonstrated experience in administration/management of continuous monitoring solutions
  • Signature Management: tuning of standard signatures, deployment of custom signatures
  • Manage continuous monitoring vendors to deliver on the needs of the business

Security Skills

  • IT Security Frameworks such as NIST, ISO27001, PCI DSS

Programming and Ops Skills

  • Python, JavaScript (Essential); Ruby, Bash, Go, Java
  • AWS SDK and CLI
  • JSON/CloudFormation
  • Linux and Windows System Administration

Public Cloud Services

  • Hands-on experience with Security Services in AWS such as IAM, KMS, VPC, Security Groups, AWS Inspector.
  • Expertise in at least 4 of the 10 security epics across Data Protection, Compliance Validation, Vulnerability Analysis, Network Security, Infrastructure Security, CICD Security, Identity and Access Management, Logging and Monitoring, Incident Response, Big Data and Analytics, and Resiliency.
  • Hands-on Experience with Management Services such as CloudWatch, Lambda and AWS Config.
  • Hands-on Experience of Infrastructure and Platform Services such as EC2, RDS etc.
  • Extensive Knowledge and Hands on Skills with Docker, ECS, Kubernetes, and Container Security Tools.
  • Third party ecosystem tools for compliance and security such as Evident.IO, Dome 9, Trend Micro, Container Security Tools, etc.

Agile and DevOps Toolsets

  • Expertise with JIRA
  • Experience with Test Automation Tools such as Ruby, Server Spec, etc.
  • Expertise with Jenkins, Ansible, Stash, Confluence

Please apply, I look forward to hearing from you.

Paratus People are acting as an Employment Business for the purposes of this contract vacancy.

We offer a referral scheme if you can recommend someone who may be suitable for this post, up to GBP 500.

Paratus People are a worldwide supplier of Talent Solutions and Services in IoT and Broadcast Technology.

Start date: ASAP
Duration: 6-12 months
From: Paratus People
Published at: 06.07.2018
Project ID: 1593788
Contract type: Freelance