JOB TITLE: Cloud Security Engineer (VM Compliance)
LOCATION(S): UK (Edinburgh, Manchester, Leeds, Bristol, London)
HOURS:Full-time (35 Hours Per Week)
WORKING PATTERN:Our work style is hybrid, which involves spending at least two days per week currently, or 40% of our time, at one of our strategic hubs.
About this opportunity
You’ll sit within Chief Security Office (CSO), part of a team of Security-focused engineers. We are driving a roadmap that will modernise our approach to securing cloud hosted workloads in the Group (Continuous Compliance, Contextual Reporting, Cloud Native). Our primary services are the curation of guardrails (policy as code) to secure Operating Systems (OS) for Virtual Machine (VM)-based workloads hosted on Private and Public Cloud Platforms. Our goal is to enable the banks adoption of Private & Public Cloud to go safely, faster.
The CSO is a vital part of delivering the Groups vision of putting customers at the heart of everything we do, helping Britain prosper and protecting the Group and customers from security threats. We’re responsible for influencing then implementing Lloyds Banking Groups security strategy and providing a variety of critical Enterprise Security Services which not only operate key controls that keep the Group safe but also enable the digital transformation agenda of the wider organisation.
Experienced Security focused DevOps engineers are needed to develop guardrails (policy as code) to detect, report and where possible enforce (auto-remediate) safe and secure configurations at the Operating System (OS) level to align with our principles and standards, as well as Industry best practices (CIS Benchmarks). The role will involve curating Operating Systems for secure LBG consumption with guardrails and supporting these throughout the full lifecycle (definition, development, release, maintenance); building and maturing the OS Continuous Compliance framework; maturing of operational and curation processes through simplification and automation.
It is crucial that the applicant has outstanding written, drawing, and verbal communication skills, as one would expect from an architect or consultant. These skills are vital to effectively communicate information that will later be completed by our proficient engineering teams. This is a hands-on engineering role, and will require deep knowledge in Operating Systems, DevOps tooling and experience working in Infrastructure as Code (IaC) environments.
What you’ll need
We need a Solution Engineer who understands the challenges of modern architecture. You’ll build a compelling strategic vision and will understand a wide array of technology implications including people and process, bringing this to your comprehensive view of design.
You must be a keen and comfortable communicator who is happy working with a wide range of technical and non-technical colleagues. You would be able to produce high quality documentation tailored to the audience which would include senior colleagues. As a role that can require demanding delivery timeframes, youll be self-organised and proactively prioritise your time.
You’ll:
* Identify OS level configurations that require security oversight and control.
* Define a backlog of OS guardrails to detect bad configurations, enforce good configurations.
* Develop, test, release and support guardrails through their full lifecycle.
* Provision and configure testing environments and supporting resources.
* Apply automation first mind-set to all activities completed.
* Coach and upskill peers and junior team members.
* Create, maintain and enhance terraform modules.
* Analyse compliance health and security posture of workloads and platforms.
* Input into development of compliance reports and enable value release to end customers.
* Lead triage and resolution of engineering impediments.
* Work closely with the PO to build roadmap items and shape the backlog.
* Lead on recommendations to harden and improve security posture.
* Research and upskill into trending compliance capabilities, identify ways to incorporate into the teams roadmap.
In addition, were in search of someone who holds the following experiences:
* Strong experience in Operating Systems (RHEL / WIN Server), IaC.
* Experience in Cloud Compliance – guardrails and policies.
* Experience in VM Management tooling (Azure ARC).
* Understanding of API-based architectures.
About working for us
Our focus is to ensure were inclusive every day, building an organisation that reflects modern society and celebrates diversity in all its forms. We want our people to feel that they belong and can be their best, regardless of background, identity, or culture. We were one of the first major organisations to set goals on diversity in senior roles, create a menopause health package, and a dedicated Working with Cancer initiative. And it’s why we especially welcome applications from under-represented groups. We’re disability confident. So, if you’d like reasonable adjustments to be made to our recruitment processes, just let us know.
We also offer a wide-ranging benefits package, which includes:
* A generous pension contribution of up to 15%.
* An annual performance-related bonus.
* Share schemes including free shares.
* Benefits you can adapt to your lifestyle, such as discounted shopping.
* Generous holiday allowance, with bank holidays on top.
* A range of wellbeing initiatives and generous parental leave policies.
Want to do amazing work, that’s interesting and makes a difference to millions of people? Join our journey.
J-18808-Ljbffr