Information Security Officer (Cloud Security)
Posted on:
4 days ago
Vacancies:
1 Vacancy
Job Summary
Contract Role: Information Security Officer (Cloud Security)
Contract Location: London/Belfast (Hybrid)
Contract Duration: 6 months initially (with potential extension)
Contract Start Date: Immediate
Contract Classification: Inside IR35
Daily Rate breakdown
Traditional Daily Rate: 450
Agreed Contract Rate (ACR): 346.95
Equivalent Annual Salary: holiday pay
Payroll provider: Rockford Payroll Info for Contingent Workers - Rockford Pay
Overview
Deloitte is supporting a Tier 1 Global Bank in hiring experienced Information Security Officers to lead cloud security governance security architecture and cyber risk management across large-scale technology platforms. This is a senior security role responsible for driving secure-by-design principles identifying cyber risks and ensuring compliance with enterprise security policies.
Key Responsibilities
Lead Information Security activities across supported technology and infrastructure functions.
Identify opportunities to automate and standardise security controls.
Identify investigate and remediate security vulnerabilities across infrastructure and applications.
Analyse source code to identify and mitigate security weaknesses.
Review automated security testing results and prioritise remediation based on risk.
Perform manual and automated security testing where required.
Conduct Information Security risk assessments.
Analyse root causes of vulnerabilities and recommend corrective actions.
Work with engineering and business teams to deliver secure technical solutions.
Contribute to enterprise security architecture across major technology programmes.
Ensure cloud architectures align with corporate security policies and industry best practices.
Assess security risks and define compensating controls where required.
Translate business requirements into secure technical solutions.
Recommend secure infrastructure platforms and cloud architectures.
Influence security strategy and architectural decisions.
Provide technical leadership across complex cloud security initiatives.
Essential Skills & Experience
Minimum 6 years IT experience including at least 4 years in Cyber Security/Information Security across cloud and on-premises environments.
Minimum 2 years securing AWS and/or GCP cloud environments.
Experience conducting Information Security Risk Assessments and Security Governance.
Strong understanding of AWS Well-Architected Framework and Google Cloud Security Command Center.
Strong knowledge of AWS and GCP IAM security models.
In-depth knowledge of cloud infrastructure including VPC EC2 S3 Cloud Storage and Compute Engine.
Familiarity with NIST ISO 27001 and CSA STAR compliance frameworks.
Experience engaging with Information Security Risk Control & Compliance Architecture and Project teams.
Demonstrated expertise in Threat Modelling methodologies such as STRIDE PASTA or MITRE ATT&CK/ATLAS.
Strong understanding of authentication authorisation encryption logging & monitoring infrastructure security and network segmentation.
Ability to design and review secure technical architectures.
Experience reviewing Infrastructure as Code using Terraform and/or CloudFormation.
Strong understanding of SDLC and CI/CD pipelines.
Hands-on Python scripting experience.
Qualifications:
Associate or Professional AWS or GCP Cloud Certification (mandatory).
Associate or Professional Cyber Security Certification (mandatory).
Excellent communication and influencing skills.
Strong stakeholder and relationship management.
Excellent analytical and problem-solving capability.
Self-motivated with the ability to lead complex security initiatives.
Strong technical documentation and presentation skills.
Bachelors degree in Computer Science Cyber Security or related discipline (or equivalent experience).
CISSP CISM or CCSP highly desirable.
AWS Solutions Architect or Google Professional Cloud Security Engineer certifications are advantageous.
Required Skills:
Financial crime