Role description: (Please include a brief outline of the impact this role will have, including overview of customer industry and projects, access to cutting-edge technology etc.)Cloud Security Architect

Our Cloud Centre of Excellence (CCoE) is looking for a Senior Cloud Security Architects (Azure/GCP) to take a role in the design and delivery of cloud services across the organisation’s Cloud Platform environment, with accountability for a range of deliverables across both Security ‘build’ and ‘run’.

In-depth technical understanding and experience of public cloud, API and micro-service architectures, and you’ll provide low-level hands-on technical engineering expertise for the Cloud Builds, Cloud control framework and continuous compliance service. Working within the CCoE Security team, you’ll own the engineering of cloud solutions. The main accountability of the Cloud Security Architect is to ensure that the correct security designs and controls are in place, focusing on keeping cloud services safe and secure while simultaneously supporting programmes of work to meet their deadlines and deliver business outcomes. You’ll be responsible for security requirements, designs, risks and defining controls to mitigate these risks and guiding others to embed security into their deliverables in the best manner for the Bank

The role involves senior level engagement into the business area and is accountable for the delivery of assigned projects, representation at local governance along with providing senior technical leadership and consultancy to both internal CCoE and external colleagues as required.

Key responsibilities: (Up to 10, Avoid repetition)

•Technical ownership of key CCoE deliverables, Cloud Security Designs, HLD/LLD

•Participate in the architecture board to discuss strategy about services and their integration with existing technologies within the organisation.

•Working with architects and engineers to collaboratively define the mid and low-level security requirements into a collection of design and engineering activities to ensure that the programme is delivering against agreed security standards and principles

•Proactively identifying security risks not exclusively as part of the design/engineering process

•Owning the end-to-end security view for specific platform components, shared services or application integration items

•Performing threat modelling against architectures, engineered solutions, and as-is platforms

•Ensuring that security activities are aligned with the wider security strategy

•Working in a multi-disciplined autonomous team delivering security value on behalf the team

•Experience of interpreting highly technical detail, performing security analysis and providing security requirements and assurance within a cross functional team

•Demonstrable security risk and compliance experience.

•Experience working with technical and cross-functional teams to deliver change Threat modelling experience both platform and application level

Key skills/knowledge/experience: (Up to 10, Avoid repetition)

•Experience supporting major programmes and other project-based activities

•Proven experience of supporting IT/Security infrastructure

•Strong technical background

•Hands of experience on Cloud Security (Azure/GCP/DevSecOps)

•Good to have Experience of Cloud Security Tools (e.g. Azure Security Centre)

•Cloud certifications such as:

oMicrosoft Certified: Azure Security Engineer Associate

oGoogle Certified Security Engineer

oCertified Cloud Security Professional (CSSP)

•Experience working within an agile framework

•Experience working with Microsoft Azure or Google Cloud

•Experience working with cloud native security tools

•Familiarity with a programming or scripting languag

Person specification: I.e., negotiating, client facing, communication, assertive, team leading/team member skills, supportive.

•The ability to pick up and learn new technology approaches and make rapid decisions on the best way to use these technology advancements for the betterment of the overall security posture.

•Excellent communication skills as the ability to communicate effectively, constructively, confidently and professionally is key to the success in the role as is the ability to work with IT and Information Security teams and the wider business.

•Keen attention to detail and excellent analytical skills.

•Ability to actively manage workloads to meet business and department requirements