Cloud Security Engineer - Containers (contract)

Lloyds Banking Group is the UK’s largest Digital, Retail and Commercial Bank with a focus on Helping Britain Prosper.

We’re on the mission to build the bank of the future, and we need your help do it! Continuing our extensive transformation programme, we're redefining what a bank is from the inside out. Our technology, our culture, and our mind-set is changing to craft a true engineering-led organisation.

Our Cloud Centre of Excellence (CCoE) is looking for a Cloud Security Engineer – Containers (contract role) to be involved in the design and delivery of security services across the organisation’s Cloud Platform environment, with accountability for a range of work across both Security ‘build’ and ‘run’.

The role involves working to obtaining a deep understanding of various technologies and applications to produce necessary design or solution documents. This will involve leading projects technically, working with security teams and SMEs across the Group as well as with vendors and developers

You would be involved in senior level engagement into the business area and be accountable for the delivery of assigned projects, representation at local governance along with providing senior technical leadership and consultancy to both internal CCoE and external colleagues as required.

What you’ll get involved with:
 

• Provide the following capabilities as required by the project or determined by the work load alignment:
• Security Engineering and Design
• Security Consultancy

• Participate within each project as a primary resource ensuring commitment to attend all appropriate calls and meetings as agreed with the project manager.
• Accept ownership for technical related deliverables as defined by the project scope. Agree these deliverables with the aligned Senior Security Engineer for the portfolio to ensure strategic and risk reduction adherence. Work with the project manager and business analyst to ensure any critical success factors or business objectives are reasonable and can be met.
• Manage requirements from stakeholders within each project and collaborate with the Senior Security Engineer portfolio lead on challenges that need wider business discussion or escalation to the Lead Security Engineers.
• Analyse security risk within each design as appropriate to the scope and ensure that all interested stakeholders are informed or consulted where necessary.
• Design and implement security controls using a combination of Enterprise Architecture Patterns, Security Standards and bespoke deliverables.
• Work closely with vendors, platform teams and SME’s where necessary in order to agree architectural decisions, design statements and exceptions. Where necessary support the project in obtaining waivers related to security design decisions taken.

What you’ll need:

You should have experience and knowledge of a broad range of IT security principles and associated technologies. We’d expect you to be able to clearly demonstrate your understanding of each skill area.

You’d need to have significant knowledge of Cyber Security as it applies to Enterprise business and ideally exposure to risk or threat assessment techniques.

We’re looking for technical experience and demonstrable skills in one or more of the following areas:

• Knowledge of container security best practices with experience of creating new platforms and migrating applications onto them - Openshift containers on CoreOS/RHEL
• Exposure to cloud security models including public, private and hybrid concepts
• Cloud policy engineering & deployment (Azure Guard rails)
• Cryptographic knowledge including encryption, key exchange, certificate handling and protocols (x509, PKCS12 etc)

• Security Control Frameworks e.g. NIST, CIS & ISO27001 and practical experience in their implementation
• Continuous compliance
• Infrastructure Architecture principles, security best practices
• Network security devices including NGFW, UTM or NIPS/NIDS
• Web application firewalls, network load balancers, proxy systems
• Network, Endpoint and Application logging concepts, best practice and monitoring systems including SIEM
• Authentication, Authorisation and Accounting concepts, best practice and IAM management systems. OTP and MFA systems.
• Active Directory Security including federated solutions using ADFS, SAML etc
• Application security including web applications, SaaS services etc
• Data handling principles, protective marking/tagging and data security knowledge

What you’ll get in return:

• Competitive day rate (Inside IR35)
• Contracts largely extended beyond 3-6 months
• Experience of working with Innovative technologies
• Supportive, Inclusive working environment where you’ll really feel like part of a great team
• Flexibility

As a new colleague you’ll join us on our journey to build a 21st century bank that reflects modern Britain, and craft an inclusive culture where all colleagues feel encouraged and valued.

We're committed to building a workforce which reflects the diversity of the customers and communities we serve, and to building an inclusive environment where all our colleagues can be themselves and succeed on merit. We support the principles of agile working and are happy to consider flexible working arrangements, whether this is job share/part time/various hours. You can be based from any UK location and our roles are largely home based. We're an equal opportunity employer and deeply value diversity within our organisation. So, if you possess the Cyber skills we’re seeking then get in touch, we’d love to hear from you!