Security Engineer

Job title: Security Engineer
Hybrid - 3 days in London
Duration of assignment: 6 months


Role description:
Cyber Security Designs, Strategies, and Security Patterns, data security and compliance by implementing GCP, Azure security best practices, managing IAM roles and permissions, GCP, Azure environments by implementing robust security controls, encryption, and access management policies
Key responsibilities:

-Each team that owns a security control has been responsible for creating the format they use to guide the consumers of that control
1. Engineering Guardrails that help security control users identify the strategic solution to meet their use case and map to the appropriate engineering pattern
a. Depending on the type of security control, the security control users would know the use case they need to meet, the technology they are using, and the environment it's needed it.


2.Engineering Patterns tell the security control users how to use the required control on the technology/platform they are using and for each environment/datacentre. Many of the engineering patterns will be the same regardless of the technology/platform or environment/datacentre. But when those variables do impact HOW a user onboards a given security control, patterns specific to their overall use case is required.
Each technology that is used to meet security use cases will have engineering patterns documented.
Engineering patterns will be mapped to an engineering guardrail
There will be an engineering pattern for each variation that is needed to meet known use cases. For example, if different steps are required to onboard the security control on different technologies, platforms, environments, or datacentres, unique patterns will be written for each known combination resulting in needing to follow different steps.
LBG GSRA and AccSec Teams agree on prioritised list of Technologies that need to have Engineering Patterns generated
Contractor will work with relevant Product Owner and Engineering Leads to identify each unique use case that requires an engineering pattern
Contractor will work with feature team's engineers to populate the engineering pattern for each unique use case
Initial engineering patterns will go through user acceptance testing to ensure the intended audience is able to use the document as expected
LBG GSRA and AccSec Teams will work with contractor to ensure proper governance is achieved for each engineering pattern
The maintenance review cycle will be initiated from the date the document completed governance assurance.
Completed engineering pattern will be added to applicable engineering guardrail and published in the Group Security Reference Architecture


Key skills/knowledge/experience:

-Both the Engineering Guardrails and the Engineering Patterns are needed for most, if not all, CSO controlled security technologies. The Accelerated Security Workstream and Group Security Reference Architecture team will work with the contractor to prioritise the order the technologies are documented.

-Developing Engineering Guardrail Template
-Developing Engineering Pattern Template
-User acceptance testing templates
-Test and learn of templates
-Upload finished templates to GSRA SharePoint

Person specification: I.e., negotiating, client facing, communication, assertive, team leading/team member skills, supportive. Excellent communication skills is a must and should be willing to stretch to fulfill any complex customer requirements. Must be proactive in guiding and helping the customer in their decision-making process