SC Cleared Information Security & Risk Specialist - Outside IR35

Posted on Jan 13, 2022 by Shivom

London, United Kingdom
Immediate Start
£450 - £500 Daily

Looking for a experienced Security Manager and Risk Management/Assurance Specialist required to work with multiple teams developing public/private API and Application software products and Web Interfaces utilising AWS and Microsoft Azure Cloud platforms; to analyse and identify application and infrastructure security risks and requirements, design/develop and document the required mitigating security controls and components, provide in-depth security input to other technology stakeholders, and contribute to high and low level security design. While this is a client facing role it will also have responsibilities to setup security processes and accreditation (ISO 27001, Cyber Essentials) within Shivom and lead the Information Security management for the organisation.

Who you will work with:

At the client side you will work closely with the Lead Architect and will be required to collaborate with DevOps, Developers, Security Architect, and Information Assurance to analyse and document security risks and requirements and contribute to producing technical security designs for AWS and Azure hosted solutions, establishing security best practices in API/Application development, contributing to evaluation of new products from a security perspective.

What you will do:

  • Utilise a formal/well-documented Risk Management and Assurance Process to identify, document and plan for the remediation/mitigation of security risks.

  • Identify security risks and requirements, working with multiple teams developing public/private API and Web Application Interfaces utilising AWS and/or Azure cloud platforms.

  • Define and document the counter measures for security risks working closely with Architects and technical team and contribute to the implementation.

  • Document required security controls and components in collaboration with Tech Leads and Architects.

  • Provide in-depth security input to other technology stakeholders and be responsible for low level security design.

  • Evaluate the design and implement of new products from a security perspective

  • Prepare and present necessary security governance documentation in collaboration with Security Architect and Information Assurance.

Essential skills and experience

  • Have demonstrable experience of Security Risk Management and Assurance.

  • Have demonstrable experience of AWS and/or Azure cloud services and cloud security best practices.

  • Have demonstrable experience of implementing prevention and proactive monitoring of advanced security attacks and emerging attack vectors.

  • Have demonstrable experience in Information security and industry standard best practices to secure a public/private API and Applications hosted in a cloud platform.

  • Have demonstrable experience of successfully delivering digital solutions that collect and manage personal and/or sensitive information with appropriate controls and protection; as well as reg

  • Have demonstrable experience implementing information security standards and regulatory frameworks such as the NCSC cloud security principles, OWASP-10, ISO 27001, GDPR, SABSA or NIST standards

  • Have demonstrable experience of documenting low level security design and ability to work in established design and governance processes.

  • Have demonstrable experience of successful design, implementation or migration of API or Application services from Legacy technologies to AWS or Azure cloud.

Nice-to-have skills and experience

  • Have demonstrable experience of security tools and techniques (eg, PKI, PAM, IAM, Protective Monitoring, Firewall, Audit, SSL/TLS, API Gateways, AV, IDS/IPS/HIDS, J WT, JWS/JWE, JOSE, OAUTH, OIDC, SAML, SSO MFA, SAST, SAST and Pen-testing).

  • Have demonstrable experience of implementing security aspects of software development cycle CI/CD.

  • Have good understanding of security protocols.

  • Have demonstrable experience of migrating applications and services from traditional data centre and infrastructure, network, to AWS or Azure cloud.

  • Experience working in the Public Sector

  • Should have either vendor or industry standard IT Security certification(s)

  • Have existing, valid SC Clearance

Reference: 1461531759

Set up alerts to get notified of new vacancies.

Similar Jobs

Property Procurement Officer

London, United Kingdom

£23k - £26k Annual

Construction Director - Top Concrete Frame Contractor

City and County of the City of London, United Kingdom

£150k - £200k Annual

Philanthropy and Events Officer

London, United Kingdom

£30k - £32k Annual

Talent Acquisition Specialist

Greater London, United Kingdom

£30k - £35k Annual