About the Role: My client, a leading global consultancy, is currently seeking a skilled Cloud Security Engineer with extensive AWS experience to join their delivery team and support clients in advancing their security transformation journeys.
This role requires SC clearance due to project involvement with the public sector.
Role Responsibilities: As a Cloud Application Security SME, you will: Work within agreed timelines across evaluation, design, and build phases to identify security requirements, define application security solutions, and configure and test security tools within DevSecOps environments.
Leverage your knowledge of industry standards and best practices to guide security reviews and validation processes for clients, and support enablement and definition of application security outcomes.
Identify client needs related to application security technology, tool, and process adoption; technical security requirements; and security gaps, issues, and assumptions in client applications, while ensuring strong stakeholder engagement and risk mitigation.
Define key security objectives by crafting project testing strategies, plans, scenarios, and approaches; establishing security targets, risk management processes, and metrics; and creating cross-team implementation plans to meet client goals.
Implement and manage application security by setting up security-specific components across development, test, and production; integrating application security and DevSecOps technologies; and establishing robust security practices for client systems.
Oversee, evaluate, and support discovery and audits, documentation, validation, assessment, and authorization; while working closely with GRC consultants and solution architects in securing products and services.
What You Bring: The ideal candidate is passionate about solving client challenges through a security-focused approach and excels in a client advisory role.
Cloud Security Expertise: Experience in designing and implementing security within public cloud platforms with AWS Programming Skills: Proficient in languages such as Java, Python, TypeScript, Go, or Rust.
API Security: Strong understanding of API protocols like REST, SOAP, gRPC, and WebSockets, and experience in securing them.
DevSecOps Knowledge: Familiarity with DevSecOps frameworks, methodologies, and application security testing, particularly SAST.
Toolset Experience: Skilled in integrating and operating security tools such as Synopsys, Veracode, Checkmarx, Cequence, Akamai, Salt, GitLab, MicroFocus Fortify, WebInspect, SonarQube, Qualys, and TripWire.
Database Knowledge: Familiarity with RDBMS such as MySQL, PostgreSQL, MariaDB, SQL Server, and Oracle.
Security Principles: Knowledgeable in Secure by Design and Zero Trust principles.
If you're a motivated, client-focused expert in cloud application security, we encourage you to apply and contribute to our clients' success.
If you require any reasonable adjustments during the interview process, please let us know in advance.
We are happy to discuss and accommodate any specific needs to ensure that all candidates can perform to the best of their abilities in an environment that is supportive and inclusive.