AWS Security Architect - Outside IR35 - Fully Remote working - 12 month contract
***Active SC Clearance required to apply***
Central Government experience is hugely beneficial
TYPICAL ROLE RESPONSIBILITIES
1. Supporting the development of business-focused security solutions for digital products and business operations that cover data collection, storage and processing, deployed both internally and externally;
2. Identifying security threats and risks to the Organisation's digital products and business operations being developed through Agile methodologies and Supplier processes;
3. Lead the analysis and derivation of business-supporting security needs, undertake Cyber Security related risk assessments, conduct tailored threat assessment and other risk management activities, and ensure activities are consistent with applicable regulations and legislation;
4. Independently undertake risk management activities within a given area of practice or expertise, usually within established security and risk management governance structures;
5. Liaising with the Organisation's business, technology and security colleagues to ensure various business needs are understood and applied, including providing general security architecture, guidance and advice to the stakeholders;
6. Advising on opportunities for using secure and open source products and any implications of such an approach;
7. Ensure that security policies and security controls remain appropriate and proportionate to the assessed risks, and are responsive and adaptable to the changing threat environment, business requirements and policies;
8. Provide tailored advice to a range of stakeholders on how to remedy identified risks by proportionately applying security capabilities, using published guidance, standards, and drawing on a range of experts as well as personal expertise;
9. Provide expert security advice that highlights Cyber Security related risks, so risk or service owners can make well-informed and auditable decisions;
10. Support Security customers by recommending and applying security architecture, principles and practices to guide the organisation and business through the information security process and technology changes necessary to achieve the business's security objectives;
11. Define controls and standards for newly adopted technologies and develop migration plans to drive transformation.
12. Work within a joint DevSecOps team, designing, delivering and managing secure Cloud systems in the AWS platform.
- Knowledge of application, infrastructure and networking security controls and systems covering physical, procedural and technical (ICT) areas, particularly in relation to data security in AWS Cloud platforms.
- Experienced in providing detailed security advice and technical security solutions in a UK Government Department.
- Knowledge of UK Government Security Policy Framework, Information Assurance Standards, e.g. ISO 27001, DPA.
- Working towards relevant professional qualifications and memberships e.g. Senior Practitioner level within the CESG Certified Professional scheme (CCP), SFIA Level 4-6, Chartered Institute of Information Security Professionals (CIISP), British Computer Society (BCS).
- Working towards appropriate Cloud Security industry-recognised qualifications, e.g.:
  - Certified Cloud Security Professional (CCSP),
  - CSA Certificate of Cloud Security Knowledge (CCSK).
- Achieved one or more of the following of the AWS Cloud service provider's own technical qualifications:
  - AWS Certified Cloud Practitioner,
  - AWS Certified Security - Specialty,
  - AWS Certified Solutions Architect - Associate or Professional.
- Track record in working as part of a multi-divisional team covering a multi-discipline environment.
- Delivering at Pace in an Agile environment in line with GDS process.
- HMG Vetting at Security Clearance (SC) and if appropriate Developed Vetting (DV) level will be required once in role.
* Experience of similar work on AWS programmes
* Experience of working with AWS cloud architects in securing AWS accounts
* Experience of securing user authentication via Okta
* Experience integrating and using Splunk and AWS CloudWatch monitoring tools for troubleshooting
* Good working knowledge and experience of AWS Services and Solutions
* Making Effective Decisions that influence a secure cloud design
* Validating security posture of accounts in AWS using cloud native tools
* Validating configuration compliance to corporate cloud strategy, principles and security model
* Working knowledge of AWS configuration manager and rules