We are seeking a talented individual to join our Information Security team in Liverpool as an Azure focused Cloud Security Engineer. The Group Information Security function is a dynamic and highly motivated team committed to ensuring that S&W is organisationally and technically secure in a fast-evolving environment with substantial critical assets, systems, and sensitive data to protect in multiple locations.

Responsibilities

• Managing, implementing, and maintaining technical security controls for IAAS, PAAS and SAAS based services which support Financial Planning, Investment Management, Tax Advice and a range of Professional Services.
• Building out and improving capabilities around M365 utilising E5 licensing. Ensuring E5 security capabilities are being fully utilised and are correctly configured.
• Continuously reviewing technical controls across cloud platforms including Microsoft Azure including Azure AD.
• Understanding, reviewing, recommending, and implementing technical security controls in the Azure IAAS environment.
• Providing assurance that controls are effective and kept up to date as services continue to mature and develop.
• Provide risk analysis and end to end control design, implementation for new services using cloud-based solutions.
• Supporting Agile based project management and iteration - squad-based delivery.
• Ensure that the vision for cloud-based service is built out on security best practice
• Familiarity in interpreting highly technical detail, being able to spot the security gaps and then working with the change function to come up with a detailed secure solution.
• Ensuring secure configuration and operation of cloud networks, load balancers, edge protection and firewalls (WAF, etc.).
• Assisting in the design of enhancements to the cloud security strategy by identifying and alerting on appropriate event types.
• Identify and define system security requirements at a detailed technical level including controls for encryption, key management, IAAS design and segregation.
• Deep technical experience of implementing security features within Azure including DDOS protection, encryption, and appropriate monitoring controls.
• Implement technical controls and make recommendations.
• Facilitate threat modelling exercises to validate security design decisions
• Keep up to date with the latest cloud-based risks, methods, and techniques to ensure they are always based on latest guidance
• Finding new ways to solve existing production security issues and develop guidance material
• Recommending security enhancements to management and senior stakeholders
• Assisting with installation or processing of new security products and procedures
• Ensuring controls for monitoring products and systems for security breaches or intrusions
• Identifying production stability concerns via break point, vulnerability scanning, and impact analysis, and designing and developing implement remediation plans to address these concerns.
• Work on the trifecta of visibility, compliance and remediation for public cloud security.
• Experience in applying both a risk and compliance lens to security.
• Maintaining contact with vendors, industry peers, and professional associations to keep informed of existing and evolving industry standards, technologies, and cyber threats.

To be successful in this role, you should have

• In depth knowledge of Azure cloud platform is required
• Demonstrable experience provisioning, managing and developing an exemplary technical infrastructure within a medium or large organisation, covering as a minimum, data centres, communications and collaboration, networking, end user computing and tooling is required
• Demonstrable experience on Azure security configuration and scripting skills and certifications 
• Demonstrable experience working Switches, Routers & Domain Controllers etc. 
• Knowledge of a broad range of current and emerging Technology technologies, architectures and delivery models
• Knowledge of compliance standards like CIS, NIST in conjunction with PCI-DSS and GDPR
• Excellent interpersonal skills with the ability to lead others and persuasively communicate complex technical information effectively to a diverse range of stakeholders, resulting in productive working relationships - a "trusted adviser" to business & technology teams 
• Strong communication and collaboration skills, dealing with fast-moving, complex scenarios supporting multiple initiatives and goals 
• A team player who can balance need, risk and pragmatism when developing solutions. Good organisational, planning and risk management skills, with the ability to bring discussions to a decision-making end; a proven capacity for creative problem-solving and troubleshooting

For more information see SW Group Cloud Security Engineer | SmartRecruiters