|Published||November 13, 2022|
As a Principal Cloud Security Engineer, you will be a key member of the Global Security Architecture & Engineering team within the Global Security function; responsible for Cloud Security, design and policy engineering within a project capacity and with a wider strategic function in line with the businesses overall objectives with a view to ensuring the company is in line with security, compliance and regulatory requirements.
We will with your help drive and implement solutions for reducing technical risks and a reduction in security vulnerabilities within the cloud and 3rd party hosting solutions by developing and working with both in-house and externally contracted teams to introduce and maintain a robust end-to-end cloud security strategy.
*What will you be doing?*
* Responsible for ensuring security implementation of GDO projects across T&I and CTIO areas, delivering high quality services and creative solutions across all Cloud hosted solutions.
* Create Cloud Security Policies and engineer them – Preventive, Detective, Reactive and Forensic Controls. Test Cloud Security Policies.
* Engineer Security Solutions for Container Technology and micro services.
* Perform Threat Modelling for Workloads and Develop Counter Measures.
* Perform design reviews of new 3rd party cloud and On Prem solutions, products, and services to identify potential risks and recommend appropriate mitigations.
* Ensure Security overlay of all cloud solutions.
* Work with key collaborators to develop and apply Cloud Security Policies, Standards and Principles.
* Responsible for supervising and driving Cloud Security Compliance during project lifecycle.
* Delivering the technical aspects through plan > design > build for project & compliance security testing.
* Responsible for development of solutions to secure architecture requirements and standards.
* Ensures accurate delivery progress reporting is completed and communicated to relevant stakeholders.
*We tend to look for people with: *
* Hands-on experience in a cloud security environment. This could either be as a cloud security engineer or cloud security specialist within a security team, or as a solutions architect with significant experience of designing and securing cloud hosted solutions against real-world threats.
* Cloud Security Policy Engineering and Testing – create cloud security policy, engineer it, test it and deploy it.
* Cloud Security Policy Engineering Tools: skills with any combination of the following – Hashicorp Sentinel Language, Prisma Cloud Resource Query Language, CfnNag, CloudFormation Guard, Resource Query Language, Monitoring Query Language, Cloud Query Language.
* Experience with engineering Security Solutions for Container Technology and micro services – Kubernetes (GKE, EKS or AKS), ECS or Fargate, Docker, ECR, GCR, etc.
* Experience with Cloud Security Posture Management tools – C3M, Prisma Cloud, Rapid 7, CheckPoint (Dome9).
* Experience with CI/CD tools, Git, GitHub, branching frameworks, and integrating automated security tests with CI/CD pipelines, etc. Knowledge of common cloud connectivity methods and orchestration technologies.
* Experience with Infrastructure as Code (IaC) and Policy as Code(PaC) – Terraform, CloudFormation, Deployment Manager, CfnNag, CloudFormation Guard, Cloud Query Language.
* In depth knowledge of Cloud Security Architecture Frameworks e.g. AWS Well-Architected; and/or Open Architecture Frameworks e.g. TOGAF.
* Strong engineering and/or architecture experience in the fundamental Cloud Security Domains – Identity and Access Management, Cloud Network and Compute Infrastructure Security, Data Protection (at-rest/in-transit), Workload Security, SIEM, Logging and Monitoring.
* In depth knowledge of various Cloud Models – IaaS, PaaS, SaaS, hybrid and multi-cloud models.
* Familiar with common industry cloud providers – AWS, GCP, Azure, OCI.
* Has a practical understanding of industry cloud security principles and their application – NCSC, NIST, CSA.
* Familiarity with common cloud related compliance Benchmarks – CIS, GDPR, PCI-DSS, ISO27001, ISO27017, ISO27018, TSR, OFCOM.
* Strong documentation, design and presentation skills with the ability to create management reporting to convey business justifications, architectural designs and work flows.
*Liberty Global is an equal opportunity employer. We embrace diversity and are committed to creating an inclusive environment for our people. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process. *We’re 100% committed to having a workforce that represents every part of our society. So we’re keen to hear from candidates of all background and circumstances.
Job Type: Full-time
* 8 hour shift
Work Location: One location