Cloud Security Architect

  • Full-time
  • Working Hours: 35 hours per week
  • Salary: Competitive
  • Department: Technology

Company Description

Here at esure Group, we’re no strangers to change. As one of the industry leaders in the insurance business, striving to become a world class digital insurer, we’re getting ready for more. It’s creating great new opportunities for innovative and talented industry professionals to join us at a pivotal point in our development.

Job Description

We are currently recruiting for a Cloud Security Architect to join our security team on permanent basis! You will act the one of the central points of contact within the business for information security in the Cloud.

The Day to Day:

Contribute to strategic development of Cloud Security practices

Collaborate with IT Architecture and Data Engineering platform squads to advocate security practices and where necessary review design documents

Create and maintain Cloud Security reference architecture patterns and use cases examples, where applicable map to MITRE ATT&CK and MS Kubernetes threat matrix

Continually review and extend Cloud Security Playbooks and preventative controls

Collaborate with internal DevSecOps and DevOps squads and where necessary provide guidance of adopting security by design

Support the development of security operations for monitoring, testing, and where necessary conduct Cloud implementation review audits

Where appropriate support Incident Response team

Qualifications

Essential

  • Continual passion to learn and inspire
  • Good background in Cloud Security Architecture and DevOps practices
  • Cloud Platforms particularly AWS; Solid experience and background working with AWS services (EC2, EKS(K8), VPC, ELB, S3, RDS, WAF, Lambda, SNS, ELK, etc.)
  • Thread modelling techniques and aware of common threats and implementation failings
  • Experience of API integration and Security techniques
  • Knowledge of AuthN AuthZ protocols, such as OpenID Connect, OAuth,
  • SAML and AD
  • CISSP or equivalent qualification

Bonus points

  • Kubernetes(K8) / Microservices
  • Risk modelling concepts (e.g. STRIDE/DREAD)
  • Threat matrix for Kubernetes and awareness of MITRE ATT&CK
  • Knowledge of security automation tooling to facilitate CI/CD
  • Application (L7) Security knowledge and application security tooling (SAST, DAST)
  • Ability to read and understand code/scripts (e.g. Python, Terraform)
  • Awareness of vulnerability management and penetration testing tools

Professional growth

We are committed to continual learning, the individual would be supported to grow in missing subject areas and we'll offer the below certifications! 

AWS Architect / AWS Security Specialist

(ISC)² CCSP or (SANS) Cloud Security Architect SEC545

Privacy by design CIPP/E or CIPT

 

Additional Information

What we'll offer in return:

  • A competitive salary that recognises your skills, experience and potential
  • 28 days annual leave plus 8 flex days (equivalent to bank holidays to be taken as and when suits you)
  • Bonus scheme
  • Flexible working – including hybrid working post covid
  • Staff discount on our products

At esure, we are committed to promoting equity, inclusion and diversity. We celebrate and nurture our diversity because it makes strong business sense and because it’s the right thing to do. We are passionate about making everyone feel welcome, included and comfortable bringing their whole self to work every day.

esure cares for our people, our customers, our society and our planet. We aim to ensure all colleagues and job applicants are given equal opportunity and our company is truly representative of all sections of society and our customers. esure is an inclusive environment which provides everyone the support they need to feel included, thrive, grow, meet their goals and have some fun.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Privacy Policy