Information Security Officer (Cloud Security)

Deloitte
Belfast, United Kingdom
2 days ago

Role details

Contract type
Temporary contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate
Compensation
£ 71K

Job location

Belfast, United Kingdom

Tech stack

Amazon Web Services (AWS)
Amazon Web Services (AWS)
Amazon Web Services (AWS)
Cloud Computing
Cloud Computing Security
Cloud Storage
Computer Security
Identity and Access Management
Network Segmentation
Software Architecture
Systems Development Life Cycle
Security Software
Scripting (Bash/Python/Go/Ruby)
Google Cloud Platform
Cloud Platform System
Mitre Att&ck
Cyber Threat Analysis
Amazon Web Services (AWS)
Cloudformation
Information Technology

Job description

Deloitte is supporting a Tier 1 Global Bank in hiring experienced Information Security Officers to lead cloud security governance, security architecture and cyber risk management across large-scale technology platforms. This is a senior security role responsible for driving secure-by-design principles, identifying cyber risks and ensuring compliance with enterprise security policies., * Lead Information Security activities across supported technology and infrastructure functions.

  • Identify opportunities to automate and standardise security controls.
  • Identify, investigate and remediate security vulnerabilities across infrastructure and applications.
  • Analyse source code to identify and mitigate security weaknesses.
  • Review automated security testing results and prioritise remediation based on risk.
  • Perform manual and automated security testing where required.
  • Conduct Information Security risk assessments.
  • Analyse root causes of vulnerabilities and recommend corrective actions.
  • Work with engineering and business teams to deliver secure technical solutions.
  • Contribute to enterprise security architecture across major technology programmes.
  • Ensure cloud architectures align with corporate security policies and industry best practices.
  • Assess security risks and define compensating controls where required.
  • Translate business requirements into secure technical solutions.
  • Recommend secure infrastructure platforms and cloud architectures.
  • Influence security strategy and architectural decisions.
  • Provide technical leadership across complex cloud security initiatives.

Requirements

  • Minimum 6 years' IT experience, including at least 4 years in Cyber Security/Information Security across cloud and on-premises environments.

  • Minimum 2 years securing AWS and/or GCP cloud environments.

  • Experience conducting Information Security Risk Assessments and Security Governance.

  • Strong understanding of AWS Well-Architected Framework and Google Cloud Security Command Center.

  • Strong knowledge of AWS and GCP IAM security models.

  • In-depth knowledge of cloud infrastructure including VPC, EC2, S3, Cloud Storage and Compute Engine.

  • Familiarity with NIST, ISO 27001 and CSA STAR compliance frameworks.

  • Experience engaging with Information Security, Risk, Control & Compliance, Architecture and Project teams.

  • Demonstrated expertise in Threat Modelling methodologies such as STRIDE, PASTA or MITRE ATT&CK/ATLAS.

  • Strong understanding of authentication, authorisation, encryption, logging & monitoring, infrastructure security and network segmentation.

  • Ability to design and review secure technical architectures.

  • Experience reviewing Infrastructure as Code using Terraform and/or CloudFormation.

  • Strong understanding of SDLC and CI/CD pipelines.

  • Hands-on Python scripting experience. Qualifications:

  • Associate or Professional AWS or GCP Cloud Certification (mandatory).

  • Associate or Professional Cyber Security Certification (mandatory).

  • Excellent communication and influencing skills.

  • Strong stakeholder and relationship management.

  • Excellent analytical and problem-solving capability.

  • Self-motivated with the ability to lead complex security initiatives.

  • Strong technical documentation and presentation skills.

  • Bachelor's degree in Computer Science, Cyber Security or related discipline (or equivalent experience).

  • CISSP, CISM or CCSP highly desirable.

  • AWS Solutions Architect or Google Professional Cloud Security Engineer certifications are advantageous.

About the company

Deloitte drives progress. Our firms around the world help our clients become market leaders wherever they compete. Deloitte invests in outstanding people with diverse talents and backgrounds, empowering them to achieve more than they can elsewhere. Our work combines consulting with action and integrity. We believe that when our clients and society are stronger, so are we.

Apply for this position