Role: 5 x Security engineer
Rate: Inside IR35
Location: 3 days a week onsite in London
Duration: 6-months initially
Role description:
Cyber Security Designs, Strategies, and Security Patterns, data security and compliance by implementing GCP, Azure security best practices, managing IAM roles and permissions, GCP, Azure environments by implementing robust security controls, encryption, and access management policies
Key responsibilities:
Each team that owns a security control has been responsible for creating the format they use to guide the consumers of that control
1.Engineering Guardrails that help security control users identify the strategic solution to meet their use case and map to the appropriate engineering pattern
a. Depending on the type of security control, the security control users would know the use case they need to meet, the technology they are using, and the environment it's needed it.
2.Engineering Patterns tell the security control users how to use the required control on the technology/platform they are using and for each environment/datacentre. Many of the engineering patterns will be the same regardless of the technology/platform or environment/datacentre. But when those variables do impact HOW a user onboards a given security control, patterns specific to their overall use case is required.
Each technology that is used to meet security use cases will have engineering patterns documented.
Engineering patterns will be mapped to an engineering guardrail
There will be an engineering pattern for each variation that is needed to meet known use cases.
Contractor will work with relevant Product Owner and Engineering Leads to identify each unique use case that requires an engineering pattern
Contractor will work with feature team's engineers to populate the engineering pattern for each unique use case
Initial engineering patterns will go through user acceptance testing to ensure the intended audience is able to use the document as expected
LBG GSRA and AccSec Teams will work with contractor to ensure proper governance is achieved for each engineering pattern
The maintenance review cycle will be initiated from the date the document completed governance assurance.
Completed engineering pattern will be added to applicable engineering guardrail and published in the Group Security Reference Architecture
Key skills/knowledge/experience:
-Both the Engineering Guardrails and the Engineering Patterns are needed for most, if not all, CSO controlled security technologies. The Accelerated Security Workstream and Group
-Security Reference Architecture team will work with the contractor to prioritise the order the technologies are documented
-Developing Engineering Guardrail Template
-Developing Engineering Pattern Template
-User acceptance testing templates
-Test and learn of templates
-Upload finished templates to GSRA SharePoint
Person specification: I.e., negotiating, client facing, communication, assertive, team leading/team member skills, supportive. Excellent communication skills is a must and should be willing to stretch to fulfill any complex customer requirements. Must be proactive in guiding and helping the customer in their decision-making process
LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds.
Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.
