Consultancy Manager at Cyber Security Specialists
UK Government Security Check (SC) clearance is required for this role – no sponsorship available.
We are an independent Cyber Security Consultancy providing Security Consultancy and Managed Security services to Clients in the Public and Private Sector.
As a Cyber Security Architect, you will be a subject matter expert in the secure design of Cloud based architectures with demonstrable experience in the UK Government and Defence sectors.
This is a hybrid role with 2 days in our Manchester Office.
Responsibilities
* Provide specialist secure design advice to UK Government Clients for Public cloud-based workloads (Azure and AWS).
* Identify and deliver appropriate controls based on industry standards (e.g. NCSC Cloud Security Principles) and Client Security Standards/Patterns to drive cloud security solutions framework based on business risk and cloud native threats.
* Document Secure by Design artefacts, including Threat Models.
* Attend Client Governance forums providing expert critique and guidance on proposed designs and associated security controls.
* Provide direction, analysis and design facilitation to develop, maintain and govern a customer security architecture.
* Ensure that architecture principles, designs, technologies, methods and practices are documented and properly executed.
Key Skills and Experience
* Significant AWS and Azure secure design experience.
* Expert in Cloud security concepts, technologies and best practices for delivering security across IaaS and Serverless architectures using both native AWS/Azure security controls and commercial/open source products.
* Experience in Secure Design concepts, design documentation and Threat Modelling.
* Strong understanding of securing Microservice based architectures and APIs.
* Strong understanding of security frameworks such as CIS and NIST and how to apply the technical controls in a complex AWS hosting environment.
* Experience of working directly with engineering teams and architects to review system/data architectures through the development of patterns and industry best practice.
* Solid understanding and experience of articulating the impact of vulnerabilities and required controls and mitigations on existing and future designs.
* Demonstrated understanding of security concepts and ability to apply them to a technical level to guide engineering teams.
Package
* Competitive salary dependant on skills and experience
* Up to 10% annual bonus
* Funded InfoSec training and time allocated for self-study
* Hybrid working – Company HQ in Manchester
* Company Pension
* Private Health Care
* Regular team meals and activities
Job Type: Full-time
Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Engineering and Information Technology
Industries: Computer and Network Security
#J-18808-Ljbffr