Description:
The role sits within the IT Security Team, with 100% assignment to projects, and is responsible for protecting the Confidentiality, Integrity, and Availability of the Bank’s information assets. This includes planning and delivery of the Cyber Security Principles that underpin the project, including supporting the creation of RFPs and RFQs which will determine the design and successful implementation of this project. The role may be required to establish and implement new IT Security Policies, Procedures, Standards, as needed and support the management and operation of IT Security related technology as determined by the project.
Deep understanding of DevSecOps principles and Cloud security with focus on Azure is a must
The Cloud Security Consultant Will Have The Following Objectives
- Ensure that an appropriate level of IT Security controls is applied to every project
- Ensure that projects deliver solutions that are fit for purpose from IT Security stand point and any deviations/risks are raised as appropriate
- Ensure that all IT-related actions taken with projects are compliant to ISO27001:2013 so as to maintain the Bank’s certification
- Perform formal Risk Assessments where exceptions to bank security policies are required and register the findings in the Bank’s risk register
Knowledge / Experience
- Demonstrable experience of successfully securing Microsoft Cloud solutions
- Extensive understanding and implementation of the IT Security environment, policies, guidelines and standards, including awareness of ISO 27001/2.
- Educated to honours degree level and/or a relevant and recognised IT Security accreditation.
- Technical assessments of RFPs and third party partner selection in line with OJEU or similar governance structures.
- Broad understanding of corporate IT infrastructures and technologies.
- Demonstrable experience of successfully operating within a ‘matrix’ IT Security team & bespoke project team.
- Experience of working on multiple projects simultaneously and effectively managing the competing priorities.
- Demonstrable knowledge of technical security solutions covering modern Security solutions and Tooling.
- Knowledge of standards and industry best practice for risk assessment of IT applications, particularly in a financial setting.
- Good understanding of PKI, digital certificates, and key management, in the context of IT applications as consumers of the service.
- Identity and Access Management (IAM) for critical business applications, including external third-party identity and/or privileges access may be a requirement.
- Relevant experience in the Financial Services sector.
- Ability to handle pressure and work to challenging deadlines.
- Scope of services successfully transitioned to third party provider and knowledge transfer complete.