Cloud Security Engineer at BT

Job Description:

About this role

The role of the Cloud Security Engineer will be pivotal, as BT embarks on a journey to be digital and cloud-native, this role will play an important role in the journey to do this successfully.

The role expects that you have a deep understanding of Cloud architecture and relating security. You will be accountable for risk management, security governance and will lead the Cloud Centre of Excellence’s response to reactive IT Security Incidents. You will be the engineering focus for Cyber Security and own the decisioning around BT security compliance conformance, acceptance and mitigation.

You'll have the following responsibilities:

• You will be part of the cloud centre of excellence team and will be expected to work with Enterprise Cloud Architects, Principal Security Architects and Cloud platform engineering
• Accountable for effective risk management within the Cloud Centre of Excellence as defined by the Technology and Global Risk Management Frameworks
• Accountable for effective IT Security Governance within the Cloud Centre of Excellence as defined by the BT Security Council and associated forums.
• Responsible for the effective running of the Security and Data Privacy controls within the Cloud Centre of Excellence
• Lead the Cloud Centre of Excellence’s response to reactive IT Security Incidents ensuring they are seen as an exemplar in engagement and response.
• Maintaining cloud security posture, reporting regularly on guard rails and compliance.
• Seeking opportunities to improve guard rails in order to protect BT’s assets in the public cloud.
• Hold a close working partnership with BT security; responsible for interactions with Vulnerability and compliance management team, CyberOps and Incident management.
• You will work with the engineering teams to ensure that security is built into their deliveries as BAU and any Cloud services are compliant prior to becoming consumable
• You will work closely with the Security teams, to ensure the cloud platforms are conformant to policy and that tooling is appropriate for cloud use.
• You’ll experiment with technology – running trials, proofs of concept etc to ensure our journey to cloud is secure.
• Cloud Centre of Excellence risk management, focussing on Cyber Security, striking an appropriate balance between mitigation and acceptance.
• Cloud Centre of Excellence decision maker on wider BT Security Policy, Risk Acceptance and mitigation priorities.
• You will ensure well maintained security documentation on Cloud for consumption by the both the engineering teams and consumers of Cloud.
• Responsible for taking security decisions to the relevant security forums for buy-in or review
• Implementation of security related transformation activities across cloud platforms or customer solutions.
• Recruit, develop and manage a team of SecOps engineers that cover all of BT’s strategic and specialist cloud platforms
• You will decide on the role of the SecOps engineer and the way of working across the Cloud Centre of Excellence, ensuring alignment with BT’s overall Security operating model
• You will have engineering and operational sign-off on any architectural patterns for Cloud

You'll have the following skills & experience:

• Experience as a Cloud Security Engineer for 4+ years, in a large organisation.
• Experience of using Security Benchmarks and practices
• Excellent communication skills, often being able to compromise but draw out risks and constraints associated with solutions but also communicate with a wide audience of stakeholders up to ‘B’ level
• You should have expertise in a security technology and how it applies to the engineering teams. For example: Threat Management, Incident Response, Pen-test, Data - Security or Identity and Access Management.
• Experience with security architecture, particularly its application into cloud & infrastructure environments
• Well versed in operational security processes and working practices
• Hands-on experience of Cloud Computing, security services like WAF, Security Hub, GCP Security Command Centre and infrastructure systems,
• Professional or Speciality Security Architecture certification on AWS and/or GCP.
• Experience of Oracle Cloud or Azure is desirable, but not essential
• Experience of security in a Kubernetes environment is desirable, but not essential
• Be a collaborative worker
• Have experience working as a part of a team using agile methodologies
• You will have led and developed other engineers
• Demonstrate the ability to quickly make decisions and deliver technical proposals to a wider team

Benefits

• Competitive salary.
• 10% on target bonus.
• 25 days annual leave (plus bank holidays), increasing with service.
• BT Pension scheme, minimum 5% Employee contribution, BT contribution 10%.
• Huge range of flexible benefits including cycle to work, childcare vouchers, healthcare, season ticket loan.
• Option to join BT Shares Saving schemes.
• Discounted BT products including free broadband and BT Sport.
• Access to 100’s of retail discounts including the BT shop.

How to Apply

It's easy to apply online; you just need a copy of your up-to-date CV and to follow the step-by step process. Don't worry if you need to make changes - you'll have the opportunity to review and edit your work on the final page. We look forward to receiving your application!

Company Benefits

• 25 days annual leave (plus bank holidays),
• 10% on target bonus,
• Life Assurance,
• Pension scheme,
• Option to join the Healthcare Cash Plan or other benefits such as dental insurance, gym memberships etc.,
• 50% off BT and EE mobile pay monthly or SIM only plans,
• Exclusive colleague discounts on our latest and greatest BT broadband packages, BT TV, including BT Sport and the NOW Entertainment membership, and 25% off NOW Sport, Cinema and Kids,
• 30% discount for friends and family on EE mobile pay monthly and SIM only plans

Interview Process

• 30 minute discussion with Talent Acquisition
• 1-1.5 hour discussion with the hiring manager and a member of the team
• Final stage 15-30 minute meet and greet with Director of Cloud & Security Architecture