Cloud Security Architect
UK Wide – With Travel.
Who you’ll be working with
You will be working within our Cyber Security Unit (“CSU”) which brings together 2,500 professionals to help define and implement our clients’ cybersecurity strategies. We protect their IT, industrial systems and the ever growing number of products and systems enabled by the Internet of Things (IoT). We also strengthen their defences, optimize their investments and control their risks. Our CSU include security experts (e.g. specialists in infrastructure, applications, endpoints and identity and access management), a research and development team (whose members specialize in malware analysis and forensics), ethical hackers, five multi-tenant security operation centers (SOC) in different parts of the world, and an Information Technology Security Evaluation Facility.
The focus for your role
As a Cloud Security Architect you will be in a technical, client-facing role, supporting and guiding clients in their experience with Capgemini’s Cloud Choice security solutions and services.
You will be responsible for ensuring timely responses to our clients’ Request for Proposals (RFPs) and questionnaires. You will collaborate with our business units, partners and legal teams to refine service agreements and service descriptions aligned with Capgemini’s Cloud Choice security strategy and policies. You will also share your knowledge and play an important role in developing our other consultants and our graduate community to ensure our CSU’s Cloud security skills and capability continues to grow.
What you’ll do:
• Help clients create and develop enterprise security use cases which align to their organisational security strategy and Cloud security baseline.
• Design, develop and build security reference architectures for public, private, and hybrid cloud based systems within Amazon Web Services (AWS), Microsoft Azure, or other cloud providers.
• Act as an ambassador and senior technical representative for Capgemini Cloud security (e.g. engaging with senior technical leaders in our clients’ organisations to design and implement Cloud and Cloud hybrid based solutions.
• Work with Capgemini’s Business Consulting, Infrastructure Services, and Application Development business units to develop standards, choose appropriate technology solutions and enable complete integration of our clients’ environments.
• Lead training and technical forums, serve as a mentor and execute other initiatives designed to share knowledge with other people and teams.
• Identify, recommend and co-ordinate training sessions to deliver the knowledge other teams need about security-relevant technologies, processes and tools.
What you’ll bring:
• A firm understanding of the cloud delivery, security and deployment models for IaaS, PaaS and SaaS and up-and-coming Account – System – Server – Services hierarchy (AssS) service offerings provided by Amazon Web Services (AWS) and Microsoft Azure platforms.
• A firm understanding of the security, configuration and deployment requirements for SaaS offerings (such as Salesforce) is highly desirable.
• Proven ability to design and implement secure cloud architectures and designs that meet clients’ business requirements and incorporate appropriate and sustainable security controls and risk reductions.
• Technical knowledge in routing, firewall policy, Anti-Distributed Denial of Service (Anti-DDoS), Web Application Firewall (WAF), Intrusion Prevention Systems (IPS), Security Information and Event Management (SIEM), secure credential management, virtualisation, service oriented architecture (SOA), Secure DevOps (SecDevOps), operational practices, micro services architecture and database design.
• Experience in designing and implementing MS O365 SaaS service offerings for clients, including areas such as:
o Enterprise network transformation requirements
o Express route/resilient IPS connectivity design
o Cloud based proxies/WAFs
o Security controls for Cloud and endpoint services
o Cloud Access Security Broker (CASB) into SaaS services
o Encryption gateways, API firewalls, etc
o Integration of CASB to SOC/SIEM services
• Experience with assessing, developing, designing, implementing, operationalizing and documenting a comprehensive set of security technologies and processes within SaaS, IaaS, PaaS, and other cloud environments, such as:
o Secure software development (application security)
o Infrastructure security (network & endpoint)
o Data protection (cryptography & key management, DLP, etc)
o Identity and access management (IAM, IDaaS, etc)
• Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc.).
• Experience with service-oriented architecture for cloud-based services.
• Experience working with cloud security and governance tools, CASBs and server and network virtualization technologies such as SDN.
• Experience with enterprise applications (architecture, development, support, and troubleshooting).
• Experience performing threat modelling and design reviews to assess security implications and requirements that accompany the introduction of new technologies. This includes knowledge of CSA, OWASP and other Industry Cloud Security Frameworks.
• Experience in presenting technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions.
• Experience with enterprise architecture and working as part of a cross-functional team to implement solutions.
• Ability to work independently with minimal direction (self-starting and motivated)
• Experience with deployment orchestration, automation, and security configuration management (Puppet, Chef, Docker, etc.) preferred.
What we’ll offer you
Professional development. Accelerated career progression. An environment that encourages entrepreneurial spirit. It’s all on offer at Capgemini. And although collaboration is at the core of the way we work, we also recognise individual needs with a flexible benefits package you can tailor to suit you.
Why we’re different
At Capgemini, we help organisations across the world become more agile, more competitive and more successful. Smart, tailored, often-groundbreaking technical solutions to complex problems are the norm. But so, too, is a culture that’s as collaborative as it is forward thinking. Working closely with each other, and with our clients, we get under the skin of businesses and to the heart of their goals. You will too.
Capgemini positively encourages applications from suitably qualified and eligible candidates regardless of sex, race, disability, age, sexual orientation, gender reassignment, religion or belief, marital status, or pregnancy and maternity. We are committed to hiring, developing and retaining the best people to deliver innovative, world-class solutions for our clients. We foster an inclusive culture that enables everyone to achieve their full potential and enjoy a fulfilling career with us. Our comprehensive flexible benefits package and lifestyle policies enable our employees to balance their individual, family and work-life needs.