Lead Information Security Engineer strengthening AI, cloud, and application security posture at S&P Global. Partnering with engineering teams to ensure secure architectures and effective risk mitigation.
About the role
- AWS Cloud Security Specialist working with teams to implement secure cloud environments. Leading efforts in security architecture and compliance for cloud migration and security design.
Responsibilities
- Lead on developing secure architectures, patterns and processes that support a wide range of AWS services.
- Working closely with solution architects and cyber security specialists; often translating concerns and requirements into a cohesive whole.
- Apply security requirements to AWS architectures and services.
- Ensure the cloud-based solutions meet legal and regulatory compliance.
- Perform threat modelling and risk assessments of solutions built on AWS.
- Develop the culture of security by design.
- Design and support with implementing security controls to validate compliance and prevent non-compliance.
- Work with the community of development teams to provide consultancy and guidance on secure cloud development as well as being an escalation point for security concerns.
- Seek opportunities to improve the security posture.
- Ensure security practices are accessible to all through documentation, reusable constructs and communicating these.
Requirements
- You are regarded as a subject matter expert on AWS Cloud Security.
- Proven experience in AWS cloud security architecture and design in enterprise environments at scale.
- A deep understanding of general Cyber Security principles (e.g. encryption, secure network design, application attack vectors).
- Practical knowledge of industry standard security frameworks such as CIS AWS Foundations Benchmark, NIST, ISO 27001, and regulatory requirements (GDPR, PCI-DSS).
- A concrete understanding of core AWS principles (e.g. networking and IAM) with knowledge of security details across a range of AWS services.
- Hands-on experience with AWS-native security tools (e.g. IAM, KMS, GuardDuty, Macie, WAF).
- Proficiency in Infrastructure-as-Code (CloudFormation, Terraform).
- Excellent communication and stakeholder engagement skills.
- You are curious and have a desire to continuously learn, being up to date with the latest threats and best practices.
- It would be great if you also had experience in some of these Industry certifications such as AWS Certified Cloud Security Speciality or CISSP.
- Experience of securing container workloads.
- Mentoring junior engineers and nurturing their passion for engineering.
- Security Clearance is required for this vacancy. If you are not currently Security Cleared, you will need to be eligible for this and willing to go through the process.
Benefits
- Work-life balance is important; you can work around core hours with flexible and part-time working
- As many of our customers work predominantly in the office, we expect all of our staff to work at least 3 days per week in the office
- You’ll get 25 days holiday a year and the option to buy/sell and carry over from the year before
- Our flexible benefits package includes private medical and dental insurance, a competitive pension scheme, cycle to work scheme, taste cards and more
- You’ll have a dedicated Career Manager to help you develop your career and guide you on your journey through BAE
- You’ll be part of our company bonus scheme
- You are welcome to join any/all of our Diversity and Support groups. These groups cover everything from gender diversity to mental health and wellbeing
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Information Security Engineer managing security of production AWS cloud infrastructure. Collaborating with teams to maintain a secure and efficient cloud environment.
Expert in information security focusing on SIEM for Deutsche WertpapierService Bank AG. Ensuring SIEM operations and analyzing threats in a hybrid environment.
Expert in information security focusing on penetration tests for Deutsche WertpapierService Bank AG's cybersecurity team. Managing cloud transformation and regulatory compliance in a hybrid work environment.
Engineer, Cybersecurity responsible for designing and implementing security solutions for Royal Caribbean Group. Collaborating with project teams to ensure compliance with security standards and practices.
Microsoft Security and Secure AI Consultant collaborating to secure Microsoft and AI implementations. Focused on deploying Microsoft Security services and contributing to dynamic projects across diverse industries.
Principal Security Consultant at LRQA enhancing security posture for clients. Leading defensive security services design and implementing solutions across multiple customer environments.
Senior Network Infrastructure & Security Expert at Kyndryl managing complex network infrastructure and security in manufacturing environments. Focused on innovative solutions and team growth in a flexible work setting.
Network Infrastructure & Security Engineer at Kyndryl responsible for maintaining network operations and troubleshooting. Supporting Cisco and Huawei devices in data centers and office premises.
Working as a Security Remote Technical Support Engineer responsible for resolving technical incidents and maintaining service levels. Collaborating with stakeholders to ensure efficient service delivery and continuous improvement.