Cloud Security Engineer/Architect
An exciting opportunity has arisen to work within the Graphnet Information Security team for an Azure security expert. The Information Security team works to ensure that the company’s, products, networks, infrastructure and services remain secure and this role has a focus on our Azure based products.
In addition to Azure, the Cloud Security Engineer/Architect will be required to consider other aspects of security from product/service inception through to delivery, helping define and enforce policy, standards and good practice across the business.
The Cloud Security Engineer/Architect works closely within the Information Security team and with other key stakeholders, including networking, operations, DevOps and development teams helping to ensure they can work in a secure cloud environment and that those environments are monitored and alerts raised when suspicious or illegal activities are detected.
The ideal candidate will have a solid technical background, with a strong focus on Azure, and a keenness to develop the culture of a security focused organisation.
- Increase visibility of security threats and configuration weaknesses by optimising the configuration of Azure native security tools, including Sentinel, Security Center, SQL Server and Lighthouse, to deliver effective monitoring and alerting.
- Monitor, maintain operational security management systems and respond to security incidents.
- Use security risk metrics to enable DevOps and security to report on and minimise threats.
- Reduce security vulnerabilities and configuration weaknesses through standards, controls and increased awareness.
- Enable and enhance security configuration and DevOps practices through close collaboration with Azure DevOps team and by providing secure design patterns, and a hands on security engineering capability. Support the definition and implementation of security requirements.
- Providing Information Security technical expertise as required to support internal, cloud and production infrastructure and the development of software.
- Track the developments of Cyber Security and Information Security standards and guidance, ensuring products will comply in accordance with implementation deadlines.
- Work closely with linked colleagues, including the Information Security Manager, the Information Governance Manager, Compliance Manager and the Technical and Operational Leads.
- Keep up to date with legislation on Security and data quality both corporately and within the NHS.
Experience and skills
- A good understanding of the Information Security industry and cyber security plans.
- Strong understanding of Azure data protection and security architecture, and features including Security Center, Azure Policies, Sentinel, DDOS mitigation, Azure Front Door / WAF, Azure Key Vault, VNet/NSG/ASG and PIM.
- Solid understanding of Azure IaaS/PaaS, Application Service Environments, Service Fabric, Azure functions, Azure API Management.
- Strong understanding and experience of PowerShell and Kusto.
- A good knowledge of certificates, network security protocols, encryption standards and deployments including public/private keys, IPSec/SSL/TLS etc.
- Azure Sentinel, Security Center, Azure Policies, Azure networking, PowerShell and Kusto.
- Good general knowledge of firewalls, networking/server environments including IAM/MFA/MDM across multi-platform systems.
- Microsoft/Office 365 security, OneDrive/SharePoint/Teams/DLP.
- Experience of Jira system.
- Vulnerability scanning/testing, SIEM, IDS/IPS and other security related product experience.
- Knowledge of data quality principles and standards (including relation to NHS healthcare data).
- Experience with information systems, processes and uses of information with the NHS
- A proactive and positive approach and attitude to developing an increased Information Security aware culture.
- A Bachelor’s Degree in related subject (desirable).
- Microsoft Azure AZ500 exam pass (highly desirable)
- Other Microsoft Azure certifications, e.g. Azure Security Engineer, Azure DevOps Engineer, Azure Solutions Architect; Windows 10 and Windows Server 2019 accreditation's (which levels)
- Other security qualifications desirable such as CISSP.
Please apply in writing, sending a covering letter & CV to firstname.lastname@example.org