Description
Cloud Consulting have an exciting new opportunity for an experienced Senior Security Consultant/Product Owner to work on a very high-profile project for a leading project.
You should either already have, or be eligible for SC Clearance (or higher).
The role is offered on a fully-remote basis and is outside of IR35.
Key Words - Security Architect, Security Cleared, GDS, Roadmaps, Cyber Security, AWS, Government client.
Responsibilities:
- Deliver the security architecture design elements of projects/initiatives, to meet user needs whilst managing risks.
- Support delivery teams, blending technical security (development and architecture)
- Work with engineering teams, policy and other Digital stakeholders, to create VFM and secure solution designs, identifying security issues in system architectures.
- Ensure technical quality and adherence of security solution designs to the clients Digital Blueprint, Enterprise Architecture and Product Roadmaps.
- Identify, capture, share, iterate, and implement security architecture patterns.
- Provide advice and guidance on the risk impact of vulnerabilities in our existing and future designs and systems, and assessment of the likelihood of vulnerability exploitation.
- Identify new technologies and work with the clients Digital Design Authority and broader security community to look at how and where they could be exploited in business areas.
- Effectively communicate security and risk implications to both technical and non-technical stakeholders.
- Support development of the clients Architecture Practice, and in particular its security expertise.
Essential Criteria
- Cybersecurity technologies, tools and best practice.
- Knowledge of AWS cloud services, best practice secure design
- CI/CD pipelines
- Architecture design and modelling techniques, tools and standards.
- Security threat trends, analysis and protection technologies, tools and best practice (eg software exploits/SQL injection/cross-site Scripting/remote file inclusion/stolen credentials/watering hole attacks/DDOS/malware/phishing/ransomware).
- Secure communication and encryption/cryptographic technologies, tools and best practice (eg IPSec/Kerberos/TLS/SSL).
- Identification, authentication and Single Sign-On(SSO) technologies, tools and best practice (eg OpenID/Oauth 2.0/OIDC/XACML/OATH reference architecture/Kerberos/SAML/WS-Security/RACF).
If you are interested then please forward your C.V in the first instance.