Cloud Security Assurance Analyst

Robert Walters UK
London
GBP 60,000 - 80,000
Job description

My client, a well-established Financial Services organization based in London, is looking for a Cloud Security Assurance Specialist to join their growing team.


About the Cloud Security Assurance Analyst role:


My client is now recruiting for a Cyber Security Assurance Analyst position. This role sits within the Assurance team of the Cyber and Information Resilience department. The Cyber Security Assurance Analyst will contribute to the team's prime objectives, which are:

  1. Assuring services to ensure our systems, infrastructure, cloud environment, and business processes are compliant with our policies and my client's risk appetite.
  2. Validating operational decisions are made in accordance with our security policies and standards and do not increase the overall risk exposure of my client.
  3. Analyzing compliance with the fundamental processes required to manage risk and safeguard their most important assets.
  4. Validating application of security controls in accordance with standards for systems and firewall infrastructure.

Key Responsibilities:

  1. Cloud Security Posture Management (CSPM)
    1. Monitor and assess cloud environments to identify and mitigate security risks.
    2. Define and implement best practices for cloud security configurations and architecture.
    3. Develop and maintain policies and procedures for continuous cloud security compliance.
  2. SaaS Security Posture Management (SSPM)
    1. Evaluate and secure SaaS applications to ensure they meet security and compliance requirements.
    2. Conduct regular security assessments and audits of SaaS solutions.
    3. Liaise with PG to ensure that their SaaS providers have the correct security measures aligned with our company standards.
  3. Cloud Access Security Brokers (CASB)
    1. Define and manage oversight of CASB solutions to extend security policies to cloud applications.
    2. Assure user activity and data flow between on-premises infrastructure and cloud applications.
    3. Identify and recommend remedial action of potential security breaches and data leaks.
  4. Cloud Workload Protection Platforms (CWPP)
    1. Secure workloads across various cloud environments (IaaS, PaaS, SaaS).
    2. Implement workload security measures such as vulnerability scanning, endpoint protection, and compliance management.
    3. Collaborate with DevOps teams to integrate security into CI/CD pipelines.
  5. Firewall and Network Assurance
    1. Configure assurance monitoring of compliance of cloud-based firewalls to protect cloud resources.
    2. Gain visibility of network traffic and agree with PG how to enforce security policies to prevent unauthorized access.
    3. Perform regular firewall and network assessments to ensure robust security posture, using tools at our disposal for firewall assurance.
    4. Collaborate with DevSecOps teams to integrate security practices and controls into the software development lifecycle and automated CI/CD pipelines.
    5. Act as a security champion within the organization, promoting security awareness, best practices, and compliance with security standards among development and operations teams.
    6. Provide SME input at Architectural Governance meetings.
    7. Provide SME input on the Vulnerability Governance meetings.
    8. Provide SME advice on security-related projects and attend all relevant meetings.
    9. Presentation of approaches to cloud security, supported by options and recommendations.
    10. Conduct regular audits and assessments of cloud infrastructure to identify security vulnerabilities and risks.
    11. Develop and implement security controls, policies, and procedures to mitigate risks and ensure compliance with industry standards.
    12. Monitor and analyze security incidents, respond to incidents in a timely manner, and conduct post-incident reviews.
    13. Collaborate with cross-functional teams to implement security best practices and technologies.
    14. Stay up to date on emerging cloud security trends, technologies, and threats.

If the above role is of interest, please reply to this advert or call me on 0207 509 8040 to find out more.


About the job


Contract Type: FULL_TIME
Specialism: Information Technology
Focus: Information Security
Industry: Banking
Salary: £80,000 - £90,000 per annum
Workplace Type: Hybrid
Experience Level: Senior Management
Location: London
Job Reference: 8HZXPO-98590579
Date posted: 24 October 2024
Consultant: Darius Goodarzi


  • Competitive salary and a broad range of employee benefits
Get a free, confidential resume review.
Select file or drag and drop it
Avatar
Free online coaching
Improve your chances of getting that interview invitation!
Be the first to explore new Cloud Security Assurance Analyst jobs in London