Skills :

- 7 -10+ years of experience.

- Demonstrated expertise and experience working in security-focused roles

- In-depth experience with Data security, especially AWS and Azure platforms

- Significant experience in cloud security architecture, methods and tools.

- Experience coding in Python, CloudFormation, and at least one scripting language

- Strong analytical and troubleshooting skills with the capability to handle and own critical issues through to resolution.

- Experience in Design and Implementation guidance to DevSecops process

- Experience leading large-scale projects from start to finish and mentoring other security practitioners

- Adept experience providing SME knowledge and guidance to stakeholders and engineering functions

- Focus on continuously improving Data security capabilities by assisting to lead the delivery of initiatives in support of the Global Security Strategy

- Comfortable operating in and reviewing modern cloud technologies from providers such as AWS, Azure

- Experience in understanding API development, integration and security

- Experience with security program management, cyber threat management, identity and access management and data protection(encryption) and privacy.

- Skills in security assessment, design, architecture, management, and reporting

Main Responsibilities :

- Part of a scrum team leading and participating in projects to deliver data security and monitoring features for the Enterprise Data Program, and Enterprise Data Security.

- Leading the resolution of technical data security issues, working across teams and in particular with ED Security and Information Security

- Working with core and functional teams (including business partners) to understand and gather requirements, in order to inform data security models, architecture designs and processes for security features.

- Collaborating with teams to ensure EDP security models and designs are within standard practices, technologies and architectures, incorporating privacy best practice, Protect principles and policies, and security-by-design principles.

- Collaborating with third party organizations and resources to help implement and delivery security projects

- Documenting security designs, architectures and processes according to validation and quality practices

- Working with Enterprise Information Security and conducting security assessments and any other needed activities as a result of audits, security findings and security improvement roadmaps.

Skills needed :

- Understanding of Information Security practices, methods and tools

- Experience of working with cloud-based technologies, in particular AWS and AWS security processes, technologies and methods

- Relevant AWS Certifications (particularly security-related)

- Security Automation experience

- Experience and understanding of system development, API integration, data storage and movement

- Experience of technologies such as TLS, PKI, OpenID Connect, OAuth 2.0, JWT, SAML, XACML

- Experience of systems analysis to gather requirements and create/propose designs

- Knowledge of data security standard methodologies for structured and unstructured data repositories

- Experience of data protection technologies such as data-loss prevention, encryption, data masking/scrambling, access and rights management

- Desirable : Knowledge / experience of security monitoring tools and techniques

- Desirable : experience in working with data-focused applications and technologies such as databases, data lakes, warehouse