Role
Role overview:
Our client is an independent Cloud Security / Kubernetes Consultancy who are an ever-growing reputable organisation. Due to continued success and increased customer demand they are once again looking to add quality to the team via a Security Engineer who is experienced with security controls for Kubernetes and Container enterprise security tooling (Twistlock, Prisma and Aqua).
This role may suit those who have a hands on technical engineering background who may also aspire to develop their consultancy and architecture experience. Applications welcome from those with engineering or architecture experiences with a diverse range of capabilities as support, training and development will be provided for the right professional.
Main tasks and responsibilities:
- Operating as a security consultant/engineer, collaboratively working in a cross functional team on various client projects.
- Supporting client’s use of cloud technologies, this may include IaaS, PaaS, SaaS, Automation and orchestration.
- Leading the customers through the complex and ever-changing cloud native technology.
- Assessing current security implementations, this includes designing and implementing controls to drastically reduce risk to the client and importantly, its customers.
- You may use Threat Models to drive and refine the architecture definition.
- A combination of client consulting, internal labs projects, with the Architecture and DevSecOps teams.
- There is also an expectation to contribute to Open Source projects, where the consultancy have been a key influence and major contributor for many years.
Pre-requisites:
- 4+ years’ experience as a Security Engineer/Consultant and or Architect.
- 2+ years’ experience of Kubernetes, Dockers and/or Containers.
- Proven DevOps and/or DevSecOps Engineering experience.
- Knowledge and/or experience of designing Cloud Native Security Architectures –(AWS, GCP, AZURE).
- CI/CD experience, automating security tests and hardening pipelines
- Experience and knowledge of Threat Modelling and related frameworks- (STRIDE, MITRE ATT&CK, Attack Tree, NIST, Ecosystem to list a few).
- Knowledge and experience using hardening guides, compliance and risk management standards.
- DevSecOps principles and practices.
- Knowledge and/or experience of Kubernetes and Containers (OpenShift, EKS and GKE).
- Knowledge and/or experience of Enterprise tools (Twistlock, Prisma and Aqua).
- Knowledge and/or experience of Open Source Tools ( Falco, Kube-hunter and Kube Bench)
- Proven ability to communicate complex information, concepts and/or ideas in a confident, well organised professional manner.
Additional but not essential:
- Vault, Service Mesh, In-TOT, Grafeas experience.
- Desire to learn Goland or Python.
- Terraform and/or Cloud Infrastructure best practices (IaC, regulated systems)
Further info:
- Part of a growing, technology focused organisation, where you would be a valued member of this collaborative and support team.
- Competitive basic salary.
- Team and individual bonus.
- Remote working flexibility, UK based only.
- Further training and development opportunities.
- Individual training budget for personal development.
To apply:
Please either register your CV and complete the information fields requested or send your CV to referencing WDA170-3 and your current salary.