Lead Cloud Systems Security Engineer Full-time Job1 month ago - Customer Services - London - 61 views
What you will be doing;
The Lead Cloud System Security Engineer is accountable for:
• Designing, building and deploying security tooling within various cloud platforms specifically AWS, Azure & GCP
• Building integration for cross cloud connectivity SIEM (Security Info. Event Management) platforms
• Works independently, mentor’s peers and is asked to function as Lead Engineer on projects
• Responsible for design, development, migration and hands-on implementation of Azure Security, Azure IaaS and PaaS cloud solutions
• Participate in planning, implementation, and growth of our Microsoft Cloud foundational footprint as it pertains to security tooling
• Work closely with other architects and engineers to recommend, design and implement solutions that effectively reflect our SOC business needs, security, and service level requirements
• Managing and owning the relationship with the HSBC Cloud platform teams and ITID infrastructure delivery teams to support a collaborative and effective security focussed partnership.
• Train, develop, mentor and inspire cybersecurity colleagues in area(s) of specialism.
• Collaborate with the wider Cybersecurity and IT teams to ensure that technological remain fit for purpose.
• Promote a “self-critical” and continuous assessment and improvement culture whereby identification of weaknesses in the bank’s control plane (people, process and technology) are brought to light and addressed in an effective and timely manner.
• Supporting a “self-critical” culture whereby identification of weaknesses in the bank’s control plane (people, process and technology) are brought to light in an effective manner and addressed.
What you will bring to the role;
• Extensive experience building and tuning highly available infrastructure in either of the cloud environments AWS, Azure or GCP
• Deep understanding of current AWS, Azure, GCP capabilities, limitations, and costing methodologies;
• Hands-on experience designing effective and scalable security strategies using IAM roles/ policies;
• H and-on experience with AWS, Azure & GCP foundation services related to compute, network, content delivery, administration and security, deployment and management, automation technologies.
• Lead the design, implementation, testing, documenting of infrastructure technologies with varying degrees of hands-on execution tasks.
• Ability to build architectures and provide prescriptive guidance across network, storage, operating systems, virtualization, RDBMS & NoSQL databases, mid-tier technologies that include application integration, Streaming, in-memory caches, and security.
• Ability to facilitate architecture decisions related to AWS, Azure & GCP services (Route 53, ELB, EC2, ECS, SQS, SNS, CloudWatch, Lambda, Dynamo DB, Kinesis, etc.)
• Experience with core Google Cloud services including Compute, IAM, VPC, Cloud Run, and GKE.
• Experience working with container and serverless technology.
• Strong experience in building and deploying applications on the Cloud, using CI/CD frameworks and Infrastructure automation.
• Expert level of knowledge and demonstrated experience of common log management suites, Security Information and Event Management (SIEM) tools for the collection and real-time analysis of security information.
• Expert level knowledge of one of more leading Cloud platforms including Microsoft Azure, Amazon Web Services, Google Cloud Platform and Alibaba Cloud.
• Expert level knowledge of security event logging, monitoring, detection and response on one or more of the leading Cloud platforms using tools and native capabilities such as AWS GuardDuty, Azure Sentinel, Google Security Command Center and Alibaba Cloud Security Center.
• Excellent knowledge and demonstrated experience of common operating systems and platforms to include Windows, Linux, UNIX, Citrix, GSX Server, iOS, OSX, etc.
• Excellent knowledge of common network protocols such as TCP, UDP, DNS, DHCP, IP, HTTP, etc. and network protocol analysis suites.
• Functional knowledge of scripting, programming and/or development of bespoke tooling or solutions to solve unique problems.
Industry Experience And Qualifications
Candidates will be evaluated primarily upon their ability to demonstrate the competencies required to be successful in the role, as described above. For reference, the typical work experience and educational background of candidates in this role are as follows:
• Extensive experience in Cloud Systems Engineering role or similar.
• Experience within an enterprise scale organisation; including hands-on experience of complex data centre environments, preferably in the finance or similarly regulated sector.
• Cloud platform specific certifications relating to the major cloud providers.
• Formal education and advanced degree in Information
Added Skills & Experience Required
• Excellent cloud systems engineering skills, insatiable curiosity and an innate drive to win.
• Strong problem-solving and trouble-shooting skills.
• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
• Developed external peer network for sharing intelligence
• An understanding of business needs and commitment to delivering high-quality, prompt and efficient service to the business.
• An understanding of organisational mission, values and goals and consistent application of this knowledge.
• Self-motivated and possessing of a high sense of urgency and personal integrity.
• Highest ethical standards and values.
• Experience defining and refining operational procedures, workflows and processes to support the team in consistent, quality execution of monitoring and detection.
• Good understanding of HSBC cyber security principles, global financial services business models, regional compliance regulations and laws.
• Good understanding and knowledge of common industry cyber security frameworks, standards and methodologies, including; OWASP, MITRE ATT&CK, ISO2700x series, PCI DSS, GLBA, EU data security and privacy acts, FFIEC guidelines, CIS and NIST standards.
• Good communication and interpersonal skills with the ability to produce clear and concise reports for targeted audiences across internal and external stakeholders.
• Ability to speak, read and write in English, in addition to your local language.
This role will primarily be London based but some travel may be required.