Our client, is a London based cloud native technology company, provide their customers high level expertise to secure the building blocks of the internet, by offering consulting, training and products related to cloud native development, security and operations.
They are looking for Senior Technical Security Architect to represent the technical and cultural values of the business, leading thier customers by example in the complex and fast-changing world of cloud native technology. You will perform a mix of client consulting, working on internal labs projects, and contributing to Open Source projects.
You will be comfortable defining end-to-end security architectures for cloud infrastructure platforms and CI/CD pipelines, through a combination of Threat Modelling and Proof of Concepts, and High and Low Level Designs. You are able to perform hands-on proof of concept work to demonstrate viable designs that can be clearly understood by implementing engineers.
Roles, Responsibilities and Requirements:
- Experience Threat Modelling and designing Cloud Native security architectures (AWS, GCP, Azure)
- Kubernetes and container experience (some of EKS, GKE, AKS, OpenShift, and container runtimes)
- DevSecOps and Engineering principles and practices
- Vault, service mesh, sigstore/in-toto, and supply chain security experience a plus
- CI/CD experience, automating security tests and hardening pipelines
- Knowledge of security tooling
- from enterprise tools such as Aqua, Prima Cloud and Sysdig
- to Open Source tools such as falco, kube-hunter and kube-bench
- Knowledge and experience using hardening guides, compliance and risk management standards
- Security related qualifications such as OSCP, Cloud Provider Security certifications, or CISSP
- A desire to learn, or experience with:
- CLI tooling in any of the above technologies
- Golang or Python
- Terraform and cloud infrastructure best practices (IaC, regulated systems)
Benefits:
- Generous and competitive salary
- Discretionary team bonus
- 33 days of paid holiday, including paid leave for the standard 8 UK Bank Holidays
- Statutory pension contribution
- An individual training budget for personal development, including but not limited to:
- Conferences
- Training (books, courses, coaching, as well as internal training which is of course included beyond budget)
- Qualifications
- Individual development time:
- 10 days for training
- 7.5 days to attend and present at conferences
- 10 days company research and development time