Key duties and responsibilities:

• Security Engineering
• Oversight of security tooling, including multiple vendor technologies e.g., Mimecast, Tessian and Netskope and public cloud security tools (such as Azure Security Center, Conditional Access and MCAS).
• Designing and implementing security tooling as well as strategic vision for toolsets.
• Ensure cloud security tooling is delivering the security value/reducing loss exposure and has the appropriate people, process, and metrics to prove it is designed and operating effectively.
• Reviewing Cloud Security Patterns written by Security Engineers.
• Oversee any Post-Incident Review actions, Audit findings/similar.
• Collaborate with the Head of Cloud and Product Security to develop and implement the Cloud Security Strategy and associate roadmaps & patterns.
• Providing input and feedback on security policies, standards, and best practices.
• Mentor and coach Security Engineers.
• Ensure cloud security standards are up-to-date and serve intended purpose.
• Review cloud security vulnerabilities to ensure they are relevant and managed properly (I.e. in line with a risk-based approach).
• Deputise for the Head of Cloud and Product Security in committees and forums, sharing expertise and shaping the future of Cloud security.

Experience and Knowledge:

• Minimum of 7-10 years’ experience in Information & Cyber Security.
• Strong Experience with security tooling e.g., Tessian, Mimecast and Netskope.
• In depth understanding of cloud security across major cloud providers (i.e., Azure, AWS, GCP) as evidenced by industry certifications (AZ-500, MS-500 etc.)
• Wide range of experience in Security roles with a focus on Cloud security, CI/CD and Software Security.
• Knowledge of industry standards with a focus on SOC II, ISO27001 and NIST.
• Knowledge of IAM and PAM tools such as SailPoint and CyberArk would be advantageous.
• Able to lead calmly through periods of high pressure while inspiring people and teams to achieve excellence and grow their skills.
• Proven experience enabling the use of Cloud in highly regulated business environments.
• Experience using niche/3rd party products to resolve security gaps that cloud native controls do not offer.
• Experience working with Cloud security controls in hybrid environments, where shared responsibility may be further sub-contracted.
• Thorough and broad understanding of security technology from Cloud infrastructure to application.
• Experience of mentoring and growing junior team members enabling them to grow.
• Willingness to continuously improve knowledge and skills in Cloud Security and Security Engineering.
• Passion for implementing change.
• High communication skills required at all levels. Excellent command of verbal and written communication (English). Effective presentation style for all levels of stakeholders.
• Strong problem solving, decision making, issue analysis and resolution skills.
• Highly organised.
• Ability to work well in a multicultural global work environment.
• Demonstrated ability to work with multiple stakeholders and manage competing priorities with internal clients.
• Ability to gather and address both business and technical requirements. Must be highly motivated.