Cloud Security Assurance Analyst

My client, a well established Financial Services organisation based in London, are looking for a Cloud Security Assurance specialist to join their growing team.

About the Cloud Security Assurance Analyst role:

My client is now recruiting for a Cyber Security Assurance Analyst position. This role sits within the Assurance team of the Cyber and Information Resilience department. The Cyber Security Assurance Analyst will contribute to the team's prime objectives, which are:
Assuring services to ensure our systems, infrastructure, cloud environment and business processes are compliant with our polices and my client's risk appetite.

Moreover, you will validate operational decision are made in accordance with our security policies and standards and do not increase the overall risk exposure of my client.
You will be analysing compliance with the fundamental processes required to manage risk and safeguard their most important assets as well as validating application of security controls in accordance with standards for systems and Firewall infrastructure.

Key Responsbilities:

Cloud Security Posture Management (CSPM)
* Monitor and assess cloud environments to identify and mitigate security risks.
* Define and Implement best practices for cloud security configurations and architecture.
* Develop and maintain policies and procedures for continuous cloud security compliance.
* SaaS Security Posture Management (SSPM)
* Evaluate and secure SaaS applications to ensure they meet security and compliance requirements.
* Conduct regular security assessments and audits of SaaS solutions.
* Liaise with PG to ensure that their SaaS providers have the correct security measures align with our company standards.

Cloud Access Security Brokers (CASB)

Define and manage oversight of CASB solutions to extend security policies to cloud applications.
* Assure user activity and data flow between on-premises infrastructure and cloud applications.
* Identify and recommend remedial action of potential security breaches and data leaks.
* Cloud Workload Protection Platforms (CWPP)
* Secure workloads across various cloud environments (IaaS, PaaS, SaaS).
* Implement workload security measures such as vulnerability scanning, endpoint protection, and compliance management.
* Collaborate with DevOps teams to integrate security into CI/CD pipelines.

Firewall and Network Assurance
* Configure assurance monitoring of compliance of cloud-based Firewalls to protect cloud resources.
* Gain visibility of network traffic and agree with PG how to enforce security policies to prevent unauthorized access.
* Perform regular Firewall and network assessments to ensure robust security posture, using tools to our disposal for Firewall assurance
* Collaborate with DevSecOps teams to integrate security practices and controls into the software development life cycle and automated CI/CD pipelines.
* Act as a security champion within the organization, promoting security awareness, best practices, and compliance with security standards among development and operations teams.
* By engaging in DevSecOps practices and serving as a security champion, the Cloud Security Assurance Analyst will help foster a security-first culture and ensure that security is ingrained into every aspect of our cloud operations and development processes.
* Provide SME input at Architectural Governance meetings.
* Provide SME input on the Vulnerability Governance meetings.
* Provide SME advise on security related projects and attend all relevant meetings.
* Presentation of approaches to cloud security, supported by options and recommendations.
* Conduct regular audits and assessments of cloud infrastructure to identify security vulnerabilities and risks.
* Develop and implement security controls, policies, and procedures to mitigate risks and ensure compliance with industry standards.
* Monitor and analyse security incidents, respond to incidents in a timely manner, and conduct post-incident reviews.
* Collaborate with cross-functional teams to implement security best practices and technologies.
* Stay up to date on emerging cloud security trends, technologies, and threats.

If the above role is of interest please reply to this advert or call me to find out more.

Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates