AWS Security Engineering Manager

My client, a bank based in London, are looking for an AWS Security Engineering Manager to join their growing team. This role reports directly into their newly joined CISO and they are specifically looking for talent that have come from a Fintech or Start/Scale up background. Please note that despite
About the AWS Security Engineering Manager role:
This role will lead the implementation of cloud security strategies, policies, and frameworks. This role will need hands-on experience in the management of cloud solutions and APIs, and knowledge in multiple disciplines, including cloud security, IT, operations, architecture, development and people skills, to help bring the business and technical sides together.
Key Responsibilities:
• Cloud Security Strategy: Assist in the development of the cloud security strategy to support the overall security strategy. This includes implementing strategic initiatives to enhance the cloud security posture.
• Cloud Security Governance and Compliance: Own the development and maintenance of cloud security processes, procedures, standards, and guidelines. Ensure compliance with these documents as well as applicable regulatory requirements related to cloud security.
• Cloud Security Tools and Controls: Contribute to the selection of enterprise tools that can be extended into the cloud, cloud-native security controls, and third-party offerings.
• Security Controls Configuration and Monitoring: Ensure that all cloud solutions are configured and maintained in line with the company security policies and industry benchmarks.
• Automation and AI: Implement relevant integrations with APIs and automation to enable automatic security control validation by third-party solutions. Adopt or build AI solutions for enhancing the overall company security posture.
• Incident Management: Coordinate incident response activities with the supply chain to ensure swift and effective handling of security incidents. This includes maintaining incident response plans and conducting post-incident reviews to identify areas for improvement.
• Cloud Security Decision Making: Define cloud security design principles and requirements to help make choices about which security tools and controls will be deployed, where, and from which vendors and sources.
• Stakeholder Engagement: Regularly liaise with various stakeholders, including business units, IT, legal, and external auditors, to ensure a unified approach to cloud security.
Requirements:
• An extensive background in IT/Cyber Security roles.
• Experience in securing cloud / cloud hybrid services (including IaaS, PaaS, and SaaS variances).
• A good understanding of AWS security is essential
• An excellent grasp of the security of applications, infrastructure, and networks. The ability to perform detailed, demonstrable engineering tasks in the security technologies that must be adopted for safeguarding an enterprise shall include at least two of the following components:
• Cyber / Web Security (Firewalls, DoS, Proxies, CDN / WAF, API Gateways etc.)
• Data Security (DLP, DRM, etc)
• IDAM (FIAM, SSO, etc). Experience with Microsoft AD
• Mobile Security (EMM, MAM, MDM etc)
• Cloud Security (NSGs, CA, AIP, ARM, Key Vaults, etc)
• Detailed working knowledge of infrastructure security requirements and good understanding of recognised information security management and governance frameworks ISO27001, NIST 800-53 & CSF, Cyber Essentials
• A recognized information security qualification (CISSP, CCSP, etc.). The following qualifications, or associated experience, are also desirable:
o Microsoft 365 Certified: Security Administrator Associate
o Microsoft Certified: Identity and Access Administrator Associate
o Microsoft Certified: Information Protection Administrator Associate
o Certificate Cloud Security Knowledge (CCSK)
o Good understanding of Agile Project Management approaches including Scrum and Kanban.
Please do let me know if the above is of interest by either applying to this job advertisement or calling me on 0207 509 8040 to find out more
Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates