Connecting...

back to job search

Connect

Connect with Talent to receive latest job postings

Security Analyst - AWS - CONTRACT

Location:

London, England

Work type:

Contract

Business sector:

Other

Salary:

£500 - £600 per day

Job reference:

040219_1549297841

Start date:

ASAP

Contact email:

taijaan.decordova@talentinternational.com

Advertiser:

TaiJaan Cordova

Lead Security Analyst

London

£500 - £600

SC clearance would be more desirable, this can be obtained once in the role

As a Security Analyst in the Security & Privacy ('S&P') team, you will be primarily focused on the data warehouse and analytics platform (we call this the 'Analytical Platform') which is the client's most important system when it comes to a large amount of sensitive data.

TECHNOLOGIES
The Analytical Platform is hosted on Amazon Web Services ('AWS') using Kubernetes. It leverages Auth0 for authentication, GitHub for application/infrastructure code storage and primarily Terraform to provision cloud resources.

Most of the systems you may interact with are on AWS, but we also use Azure. We author in Python, JavaScript and Go. We version control with Git.

MAIN RESPONSIBILITIES
● develop and automate security capabilities
● identify low-level through to strategic gaps in defences
● advise on security measures that should be implemented
● implement technical security measures
● promote security awareness within teams
● support technical security incident response

ESSENTIAL SKILLS & EXPERIENCE
● experience with scripting threat and vulnerability management solutions, application security and using analytics to understand/influence such changes
● a good understanding of Python or another modern scripting language
● the ability to use AWS & Linux operating systems using non-graphical interfaces with ease
● experience with securing AWS (in particular, IAM, S3 and EC2)
● experience with securing Linux-based containers
● experience with version control through Git
● experience with proactively investigating, analysing, managing and mitigating/resolving security incidents
● excellent communication skills
● knowledge of web application (example include REST/gRPC, APIs, role-based access, OWASP Top 10) and cloud infrastructure vulnerabilities and common remediation techniques
● knowledge of security monitoring, prevention and control systems including but not limited to firewalls, IDS/IPS, web proxies, antivirus and log correlation solutions

DESIRABLE SKILLS & EXPERIENCE
● understanding of how technical security fits in within wider threat models
● experience with securing Kubernetes
● experience designing and implementing multi-account AWS structures
● experience designing and implementing cross-account AWS IAM roles and using assume-role
● experience of security automation using a wider set of scripting languages, such as Perl, Python, Ruby, and/or Bash as well as the configuration of infrastructure with code automation (e.g. Atlassian tools, Ansible, Puppet, or Chef)
● experience with version control software and job execution tools beyond Git, such as GoCD, Octopus, Jenkins, RunDeck, SaltStack
● experience with cloud platforms to include virtualization, containerisation and orchestration technologies on Azure
● experience with implementing/securing federated identity solutions using OAuth and OIDC
● experience of secure coding and testing across a variety of tools (static, dynamic, and both automated and manual) and vulnerability management
● knowledge of security architectures, in particular for modern digital services, including how they are developed and operated safely at scale
● experience with log aggregation tools such as Splunk
● experience with SIEM tools such as LogRhythm
● knowledge of penetration testing (or 'red teaming') and related disciplines.
● recognised security certifications (particularly from AWS)

If this sounds like something that would be of interest to you, please get in touch and click and apply

Share this job:

help your friends find their dream job: