Cloud Security Consultant – Outside Ir35

Cloud Security Consultant - Outside IR35

Initial 6 Months Contract

Stott and May are seeking a highly skilled Cloud Security Consultant to join one of our Banking Clients. The role sits within the IT Security Team, with 100% assignment to projects, and is responsible for protecting the Confidentiality, Integrity, and Availability of the Bank’s information assets.

You will have:

• Demonstrable experience of successfully securing Microsoft Cloud solutions.
• Extensive understanding and implementation of the IT Security environment, policies, guidelines and standards, including awareness of ISO 27001/2.
• Educated to honours degree level and/or a relevant and recognised IT Security accreditation.
• Technical assessments of RFPs and third-party partner selection in line with OJEU or similar governance structures.
• Broad understanding of corporate IT infrastructures and technologies.
• Demonstrable experience of successfully operating within a ‘matrix’ IT Security team & bespoke project team.
• Experience of working on multiple projects simultaneously and effectively managing the competing priorities.
• Demonstrable knowledge of technical security solutions covering modern Security solutions and Tooling.
• Knowledge of standards and industry best practice for risk assessment of IT applications, particularly in a financial setting.
• Good understanding of PKI, digital certificates, and key management, in the context of IT applications as consumers of the service.
• Identity and Access Management (IAM) for critical business applications, including external third-party identity and/or privileges access may be a requirement.
• Relevant experience in the Financial Services sector.
• Ability to handle pressure and work to challenging deadlines.
• Scope of services successfully transitioned to third-party provider and knowledge transfer complete.

Technical Skills:

• Demonstrable experience of conducting security assessments and threat identification, mitigation and remediation.
• Good understanding of Defender for Cloud and its policies.
• Ability to guide projects to apply appropriate security standards and policies.
• Good technical understanding of Cloud security, security configuration, and best practices for servers, workstations, SASE technologies, SD-WAN, Firewall infrastructure, and penetration testing scoping.
• Deep technical knowledge of the following: data encryption, data leakage controls, application integration, identity and access management, certificate management, and database security.
• Excellent understanding of the Secure Application Development Lifecycle (SDLC) and the ability to advise the AppDev teams in the remediation.
• Technical experience of some of the following applications: Security auditing tools, AV, Firewalls, Proxy, SIEM, PAM.
• Ethical hacking and KQL background are advantageous.

Sound good? APPLY NOW!