Senior Cloud Security Architect

About Claranet

Founded at the beginning of the dot.com bubble in 1996, our CEO Charles Nasser had a light bulb moment to develop a truly customer-focused IT business. Since then, Claranet has grown from an Internet Service Provider (ISP) in the UK to being one of the leading business modernisation experts, who deliver solutions across 11+ countries.

At Claranet, were experienced in implementing progressive technology solutions which help our customers solve their epic business challenges. Were committed to understanding their problems, delivering answers quickly, and making a lasting impact to their business.

We are agile, focused and experienced in business modernisation. Our approach helps customers make genuine, significant shifts in their business strategy, to deliver financial savings, boost innovation, and create a resilient business. We continually invest in our people and the latest technologies, so our customers get peace of mind knowing that they have access to the best talent and services.

In the UK we have over 500 staff working in London, Gloucester, Warrington, Bristol, and Leeds or as homeworkers. we have 130 staff in India working for international projects.

Working For Claranet

Here at Claranet we pride ourselves on going the extra mile for and with our employees (yes, we really mean it). We offer an extensive benefits package, inclusive of a matching contribution provident fund, Gratuity, Flexible tax saving benefits, healthcare, attractive insurance benefits.

Claranet are one of the 10 founding members of TC4RE (Technology Community for Racial Equality.) Being a part of a group of leading UK technology organizations, we are dedicated to building a more diverse and inclusive workforce.

Our Vision

Our vision is to become the most trusted technology solutions partner; renowned for being the best and brightest, having lasting impact with our customers and delivering exceptional returns to our stakeholders.

Essential Roles & Responsibilities

• Work within a dedicated security engineering function that accelerates the delivery of creative and secure capabilities for cloud products
• Design and implement security architectures for cloud-based systems
• Build security control framework and generic reference architectures for cloud based applications
• Assist with identifying security requirements to be followed by LoB/Dev teams when building Cloud applications
• Perform risk assessment, threat modelling and review existing cloud security architectures to identify potential areas of weakness or need for enhancement
• Perform security assessments including threat modelling and security integration assessments. Ensure that security design and controls are consistent with the organisation's security architecture principals
• Align cloud security practices with industry frameworks such as NIST, CIS, and CSA
• Develop configuration hardening guidelines for Cloud Services (AWS, Azure, GCP)
• Provide expertise on encryption, key management, identity and access management (IAM), network security, and other cloud security technologies
• Communicate effectively with stakeholders to provide regular updates on cloud security status and issues
• Continuously evaluate the cloud security architecture for improvements and to accommodate changing cloud environments, accommodating for scalability, reliability, and availability

Total IT Experience: 4-8 years

Position Specifications

• Bachelors Degree or industry equivalent work experience in cybersecurity, international security architecture, and/or engineering in a converged security program
• 4+ years of Information Security experience in areas of Information/Cloud Security
• In-depth knowledge of any public cloud technologies (AWS, Azure, Google Cloud Platform) and associated security risks and controls
• Demonstrated knowledge of software development processes (SLDC/Agile/Iterative/DevOps)
• Experience of delivering security solution architecture from end-to-end
• Threat modelling using industry standard methodologies (e.g. STRIDE/DREAD)
• Security architecture assessments for one or more IT systems such as Web, Mobile, APIs/Microservices, Cloud (AWS/GCP/Azure/Oracle)
• Experience developing Reference Security Architecture and Design Patterns to support proactive and automated controls
• A demonstrated knowledge of information security standards, rules and regulations related to information security and data confidentiality and other various security standards and policies
• Ability to keep up to date with technology and security. Make informed decision and appropriate adjustments
• Good interpersonal and communication skills with the ability to influence at all levels of the organisation, while being able to simplify complex topics
• Ability to organise, prioritise, and lead multiple deliverables simultaneously across a large, global corporate environment
• Familiarity with containerization and orchestration technologies (Docker, Kubernetes, etc.)
• Experience with Infrastructure as Code (IaC) tools (like Terraform, Ansible)
• Professional security management certification, such as a CISSP, CISM, CCSP, or similar