Lead Security and Information Risk Advisor

Greater London
Job Type:


Security Analyst

Job Description:
• As the lead Security Analyst working on the Analytical Platform, you will join a talented S&P team of cybersecurity consultants, offensive security engineers, security operation engineers and strategic risk advisors that provide advice, guidance and direction to the whole of the MOJ.
• You will work closely with a cybersecurity consultant on the Analytical Platform to identify security gaps, advise on if and when they need mitigation, design security controls for proportional resolution and be the primary hands-on implementer for them, working with the Analytical Platform development team.

• The Analytical Platform is hosted on Amazon Web Services ('AWS') using Kubernetes. It leverages Auth0 for authentication, GitHub for application/infrastructure code storage and primarily Terraform to provision cloud resources.
• Most of the MOJ systems you may interact with are on AWS, but we also use Azure. We author in Python, JavaScript and Go. We version control with Git.

Main Responsibilities:
• Develop and automate security capabilities
• Identify low-level through to strategic gaps in defences
• Advise on security measures that should be implemented
• Implement technical security measures
• Promote security awareness within MOJ teams
• Support technical security incident response

Skills & Experience:
• Experience with scripting threat and vulnerability management solutions, application security and using analytics to understand/influence such changes
• A good understanding of Python or another modern scripting language
• The ability to use AWS & Linux operating systems using non-graphical interfaces with ease
• Experience with securing AWS (in particular, IAM, S3 and EC2)
• Experience with securing Linux-based containers
• Experience with version control through Git
• Experience with proactively investigating, analysing, managing and mitigating/resolving security incidents
• Excellent communication skills
• Knowledge of web application (examples include REST/gRPC, APIs, role-based access, OWASP Top 10) and cloud infrastructure vulnerabilities and common remediation techniques
• Knowledge of security monitoring, prevention and control systems including but not limited to firewalls, IDS/IPS, web proxies, antivirus and log correlation solutions
• Understanding of how technical security fits within wider threat models
• Experience with securing Kubernetes
• Experience designing and implementing multi-account AWS structures
• Experience designing and implementing cross-account AWS IAM roles and using assume-role
• Experience of security automation using a wider set of scripting languages, such as Perl, Python, Ruby, and/or Bash as well as the configuration of infrastructure with code automation (e.g. Atlassian tools, Ansible, Puppet, or Chef)
• Experience with version control software and job execution tools beyond Git, such as GoCD, Octopus, Jenkins, RunDeck, SaltStack
• Experience with cloud platforms to include virtualization, containerisation and orchestration technologies on Azure
• Experience with implementing/securing federated identity solutions using OAuth and OIDC
• Experience of secure coding and testing across a variety of tools (static, dynamic, and both automated and manual) and vulnerability management
• Knowledge of security architectures, in particular for modern digital services, including how they are developed and operated safely at scale
• Experience with log aggregation tools such as Splunk
• Experience with SIEM tools such as LogRhythm
• Knowledge of penetration testing (or 'red teaming') and related disciplines
• Recognised security certifications (particularly from AWS)
