Cloud Security Assessment Specialist

About the Project:

The ‘Cloud Security Assessment Specialist’ reports directly to the Cloud Security Assessment Lead and is part of the wider CSAT Cloud Security Team. The role is responsible for conducting mandatory reviews to ensure Cloud hosted services comply with all applicable company's cloud security controls prior to moving to production.

Your Responsibilities:

• Executing technical Cloud Security Assessment reviews raised and tracked through Service Now.
• Providing Cloud Security consultancy support to our customers and facilitating successful transition of their services through to production.
• Driving continuous and ongoing process improvement in collaboration with the wider team. This includes capability uplift, data driven enhancements and strong focus on automation.
• Understanding how relevant Cloud security controls should be applied.
• Meeting performance targets set by the Cloud Security Assessment Lead.
• Contributing to company’s Cybersecurity strategy to secure the bank’s technology from the inside out, whilst maintaining, protecting and enhancing company’s values, reputation and stakeholder value.
• Ensuring effective engagement with Global Businesses, Functions & Regions.
• Strong awareness of current and future industry trends and best practices; be an advocate for change, promoting and leading company's adoption where appropriate.

Key Skills and Qualifications for this role:

• Strong level of technical knowledge and hands-on experience in Google Cloud Platform and at least one more Cloud platform; Amazon Web Services, Microsoft Azure, or Alibaba Cloud.
• Working knowledge of software development tools and technologies; e.g. Python, Bash, PowerShell, SQL, and data formats such as XML, JSON, CSV.
• Understanding of risk and control frameworks.
• Strong customer focus, passionate about delivering the best customer experience possible.
• Ability to build strong relationships with application teams, cross functional IT, global & local IT teams at all levels.
• Self-motivated, proactive, possessing a high sense of personal integrity and strong work ethic.
• Strong technical problem-solving and troubleshooting skills.
• Excellent written and verbal communication skills with an ability to:
  • Communicate with impact, ensuring complex information and data is articulated in a meaningful way to wide and varied audiences and stakeholders.
  • Produce clear and concise reports and control documentation for targeted audiences across internal and external stakeholders.

Optional/Nice to haves:

• Experience in conducting a Cybersecurity assessment/review.
• Experience of working with Kubernetes or other container orchestration experience in building and deploying applications on the Cloud, using CI/CD frameworks and Infrastructure automation, such as: Jenkins, Terraform, Ansible, GitHub and Nexus.
• Desirable to have (or be working towards) one or more industry-recognised cybersecurityrelated certifications including CISSP, CRISC, CISM or Cloud Security Certifications.