Azure Cloud Security Architect

Azure Cloud Security Architect M365 NIST ISO27001 A global investment business covering individual and institutional investment strategy is looking to add an Azure Specialist Cloud Security Architect to their successful team just outside of Epsom. You will join the global Cyber Security function protecting the Technology Environment from internal and external security threats. This encompasses Application Security (through secure coding practices, penetration testing, and developer training) Centralised Access Management, Infrastructure Security, Security Engineering and Architecture, Security Application Support, Cyber Defence Operations, Information Security Risk Management, Technology Risk and Audit Management/Technology Service Continuity. You will be the primary contact for M365 and Azure engagement, driving interaction with core stakeholders including Cyber Security, Cloud Operations and Product Owner teams. You will be expected to be an expert in the implementation of workload within Microsoft Cloud Services in a secure and compliant manner and will consult on the appropriate use. You will drive engagement with Cloud Operations and Product Owner teams to support the definition of security requirements for new Microsoft Cloud based services and applications. In this role you will also be expected to perform secure solution design, ensuring standardisation and consistency in the definition of security principles and ensuring that security is built in by design and complies with overarching organisational security requirements. Key Responsibilities Delivering in collaboration with Product Teams and Cyber Security Teams the adoption of Microsoft Cloud based security services and capabilities. Designing security in from the start and supporting the companies cloud first strategy. Creating, reviewing and enforcing security design patterns to support desired architecture. Empowering Product Teams and Cloud Operations to achieve secure delivery underpinning the Cloud First strategy. A Cloud evangelist, passionate about driving innovation of security and Cloud adoption. Responsible for defining how the business will utilise Microsoft Cloud in a secure and compliant manner. Responsible for ensuring that all cloud security designs, blueprints and artefacts are maintained and adhere to good practice. Acting as a point of contact for Cloud Security Architecture for other Technology teams within the organisation. Leading the assessment of Microsoft Cloud services and how they may be consumed in a financial services organisation globally. Responsible for identifying and recommending component design changes to achieve compliance with security policies and the enterprise security architecture blueprints and roadmaps. Experience and Qualifications Required Recent and practical experience of implementing Microsoft Cloud security services including AAD, MCAS, ATP, Mobile Security and Azure Security. Experience of secure implementation and adoption of wider Microsoft Cloud based capability in a secure manner. Knowledge of the OWASP top 10 vulnerabilities. Understanding of off-cloud technologies; storage, server, network, middleware etc and how they may interact in a hybrid cloud environment. Familiarity with NIST 800-53, Cloud Security Alliance and ISO27001 control frameworks. Working understanding of GDPR, FCA regulations, Privacy regulations and practices. Experience of platform and application layer encryption concepts and practices. Team player, collaborator and educator. Able to operate with autonomy and build relationships - become the "go-to" person. Ability to consume and define integration technology and patterns. Concise and effective communicator confident with presenting to audiences at all levels in an organisation and will mixed levels of technical understanding. Scrum/Kanban experience. This organisation is looking for someone who has the personality and desire to build strong internal relationships whilst delivering business critical Azure projects to tight deadlines. You will possess a breadth of knowledge across the Cyber and/or Technology stacks with working familiarity of Cyber control frameworks NIST, ISO27001 etc. with a clear understanding of the OWASP top 10. An undergraduate degree in a relevant technology field or significant relevant experience is a must. Must also have security accreditations such as CISM, CISSP or CISA. If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at hays.co.uk